-
A severe vulnerability affecting ASUSTOR Network Attached Storage (NAS) devices has been disclosed, potentially allowing unauthenticated attackers to seize full control of affected systems. Tracked as CVE-2026-24936, this critical flaw carries a CVSS v…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical server-side request forgery (SSRF) vulnerability affecting GitLab Community and Enterprise Editions to its Known Exploited Vulnerabilities (KEV) catalog. The flaw, tracked…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a newly disclosed vulnerability CVE‑2025‑40551 affecting SolarWinds Web Help Desk (WHD) to its Known Exploited Vulnerabilities (KEV) catalog. The flaw is rated critical because …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google has released a new Stable Channel update for Chrome (version 144.0.7559.132/.133) on February 3, 2026, addressing two high‑severity vulnerabilities that could allow attackers to execute arbitrary code or cause system crashes. The update is rolli…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A high-severity vulnerability has been discovered in the Kubernetes ingress-nginx controller, allowing attackers to execute arbitrary code and potentially compromise entire clusters. Tracked as CVE-2026-24512, this high-severity flaw enables malicious …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Django Software Foundation has issued emergency security patches addressing six critical vulnerabilities affecting multiple versions of the popular Python web framework. Released on February 3, 2026, the updates fix severe flaws that could enable a…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors are exploiting a critical remote code execution vulnerability in React Native’s Metro development server to deploy sophisticated malware payloads targeting software developers worldwide. The vulnerability, tracked as CVE-2025-11953 …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
ASUS has discontinued the File Shredder feature in its Business Manager software following the discovery of a critical security vulnerability, CVE-2025-13348. The company issued a security bulletin on February 2, 2026, addressing a flaw affecting ASUS …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hundreds of malicious skills are distributed through OpenClaw’s marketplace, transforming the popular AI agent ecosystem into a new supply chain attack vector. Threat actors are weaponizing the platform’s extensibility features to deliver d…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hikvision has disclosed a high-severity command execution vulnerability affecting multiple wireless access point models, potentially allowing authenticated attackers to execute arbitrary commands on affected devices. The company released an advisory on…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
