-
A critical security flaw in the popular Java authentication library pac4j-jwt allows attackers to completely bypass authentication and impersonate any user, including administrators. Tracked as CVE-2026-29000, this vulnerability carries a maximum CVSS …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco recently disclosed a critical security vulnerability affecting its Secure Firewall Management Centre (FMC) software. This severe flaw carries a maximum severity score of 10.0 and allows unauthenticated, remote attackers to execute arbitrary code …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco recently disclosed a critical vulnerability in its Secure Firewall Management Centre (FMC) Software that allows unauthenticated remote attackers to gain complete root access to affected devices. Holding a maximum severity CVSS score of 10.0, this…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has issued critical software updates to address multiple vulnerabilities in the Catalyst SD-WAN Manager (formerly SD-WAN vManage) that could allow attackers to bypass authentication, elevate privileges to root, and execute arbitrary commands. The…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Qualcomm chipset vulnerability to its Known Exploited Vulnerabilities (KEV) catalog on March 3, 2026, confirming active exploitation in the wild. The flaw, tracked as CVE-…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A high-severity security vulnerability has been discovered in the IPVanish VPN application for macOS. This flaw allows any unprivileged local user to execute arbitrary code with root privileges without requiring any user interaction. The attack bypasse…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Broadcom’s VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog. This flaw, identified as CVE-2026-22719, is currently …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers from the Google Threat Intelligence Group (GTIG) have uncovered “Coruna,” a highly sophisticated iOS exploit kit responsible for compromising thousands of iPhones. Targeting iOS versions 13.0 through 17.2.1, the framewo…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hewlett Packard Enterprise (HPE) has disclosed a remote authentication-bypass vulnerability in HPE AutoPass License Server (APLS) that could let unauthenticated attackers bypass login controls over the network. The issue is tracked as CVE-2026-23600 an…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat intelligence researchers at Team Cymru have uncovered an open-source AI-powered offensive security tool called CyberStrikeAI, actively used to target Fortinet FortiGate devices at scale, with its developer carrying suspected ties to China’…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
