-
Cato CTRL’s senior security researcher, Vitaly Simonovich, has uncovered a high-severity dos vulnerability in MongoDB, tracked as CVE-2026-25611, that lets unauthenticated attackers crash any exposed MongoDB server. CVE-2026-25611 is rooted in M…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors are abusing interest in Anthropic’s Claude Code tools by setting up fake download pages that ultimately drop a lightweight infostealer via mshta.exe. The campaign shows how a single living‑off‑the‑land binary (LOLBIN) can power an effecti…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical zero-day vulnerability in Cisco Catalyst SD-WAN infrastructure, tracked as CVE-2026-20127, is currently under active exploitation by highly sophisticated threat actors. The situation has grown considerably more severe following the public re…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors are abusing a new Linux-based toolkit dubbed RingH23 to silently compromise MacCMS-based video sites and hijack CDN infrastructure at scale, redirecting millions of users to gambling, pornography, and fraud platforms. Evidence shows Funn…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Suspected DPRK-linked threat actors have been observed compromising cryptocurrency firms through a coordinated campaign that blends web-app exploitation, cloud abuse, and secrets theft to position for large‑scale digital asset theft. The intrusions sho…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical security flaw in the popular Java authentication library pac4j-jwt allows attackers to completely bypass authentication and impersonate any user, including administrators. Tracked as CVE-2026-29000, this vulnerability carries a maximum CVSS …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A highly coordinated malware campaign that targets cryptocurrency and Web3 professionals through fake venture capital (VC) identities on LinkedIn. The operation combines advanced social engineering with cross-platform payloads and a ClickFix-style fake…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Google released an urgent security update for its Chrome browser to address 10 vulnerabilities. Deployed on March 3, 2026, this stable channel update fixes three critical flaws and seven high-severity issues. The emergency patch protects users from pot…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco recently disclosed a critical security vulnerability affecting its Secure Firewall Management Centre (FMC) software. This severe flaw carries a maximum severity score of 10.0 and allows unauthenticated, remote attackers to execute arbitrary code …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly discovered mobile espionage operation dubbed “RedAlert” has surfaced amid the ongoing Israel–Iran conflict, exploiting wartime fear and dependency on early-warning systems. The campaign targets civilians by distributing a trojanized version of …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
