Security Intelligence

Quick, You Need Assistance!

Field Effect has been tracking a Microsoft Teams vishing campaign leveraging Quick Assist to deliver a PowerShell...

Security Intelligence

Public PoC and probing reported for max‑severity Oracle Proxy flaw

Maximum-severity Oracle WebLogic vulnerability (CVE-2026-21962) is being actively probed, enabling unauthenticated...

Security Intelligence

Microsoft releases emergency patch for exploited Office flaw

Microsoft has issued an emergency patch for an actively exploited Office vulnerability that bypasses OLE protections...

Security Intelligence

CISA adds six new flaws to its KEV catalog

Multiple high-severity CVEs are being exploited in the wild, impacting enterprise infrastructure and developer...

Security Intelligence

Update: Fortinet Confirms New SAML SSO Issue Under Active Exploitation

On 01-22-2026, Fortinet released new analysis confirming the recently reported SSO intrusions stem from an unreported...

Security Intelligence

Fortinet FortiGate exploited via SSO authentication abuse

Researchers have identified an active campaign targeting Fortinet FortiGate devices, where attackers abuse SSO...

Security Intelligence

Threat actors exploit security-testing apps to breach cloud infrastructure

Threat actors are exploiting intentionally vulnerable security testing apps deployed in real cloud environments,...

Security Intelligence

Threat actors expand abuse of Visual Studio Code

Threat actors are abusing trusted Visual Studio Code workflows, using social engineering and malicious repositories to...

Security Intelligence

Phishing campaign behind CIRO breach signals rising threat to industry

CIRO’s August 2025 breach exposed investor data after a phishing attack. This analysis explores the incident and the...

Security Intelligence

China-nexus threat actors intensify targeting of internet‑facing systems in North America

New research shows China-aligned threat actors abusing zero-days and stolen credentials to gain persistent access to...

Security Intelligence

Knownsec leak uncovers China’s contractor-led cyber espionage

Leaked documents reveal how Chinese contractor Knownsec supports state-aligned cyber espionage through large-scale...

Security Intelligence

Fortinet issues fixes for critical flaws in FortiSIEM and FortiFone

Two critical Fortinet vulnerabilities in FortiSIEM and FortiFone enable unauthenticated exploitation when exposed...