-
A critical zero-day vulnerability in Dell RecoverPoint for Virtual Machines has been actively exploited by Chinese state-sponsored hackers since mid-2024. Mandiant and Google Threat Intelligence Group (GTIG) attribute this campaign to UNC6201, a threat…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Mozilla has released an emergency security update for Firefox, addressing a critical heap buffer overflow vulnerability in the libvpx library. The update, version 147.0.4, was announced on February 16, 2026, alongside corresponding patches for Firefox …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Apache NiFi users are being urged to upgrade after the project disclosed a high-severity authorization flaw tracked as CVE-2026-25903. The issue, published on 2026-02-16, can allow a less-privileged authenticated user to modify configuration properties…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Langchain development team has released a critical security update for the @langchain/community package to address a Server-Side Request Forgery (SSRF) vulnerability. Identified as CVE-2026-26019, this flaw exists within the RecursiveUrlLoader clas…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The three major cloud-based password managers, such as Bitwarden, LastPass, and Dashlane, collectively serve approximately 60 million users. Despite marketing claims of “zero-knowledge encryption,” the research team demonstrated that these …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft’s February 10, 2026, Patch Tuesday cumulative update KB5077181 for Windows 11 is being linked to severe boot failures on some devices, with users reporting systems that restart repeatedly and never reach the desktop. The issue is pr…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Joomla site owners using extensions that bundle the Novarain/Tassos Framework are being warned after a source code review identified multiple attack primitives that can be chained together to achieve administrator takeover and reliable remote code exec…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability in the popular CleanTalk Spam Protection plugin for WordPress exposes websites to complete takeover. Tracked as CVE-2026-1490, this high-severity flaw allows unauthenticated attackers to bypass authorization mechanisms and inst…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security vulnerability in Airleader Master software has been disclosed by CISA, exposing industrial control systems across multiple critical infrastructure sectors to potential remote code execution attacks. The flaw, tracked as CVE-2026-135…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A high-severity vulnerability in FileZen, a file transfer solution developed by Soliton Systems K.K., enables authenticated attackers to remotely execute arbitrary operating system commands on affected systems. The security flaw, tracked as CVE-2026-25…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
