-
Despite Internet Explorer’s retirement, hackers are abusing the legacy MSHTA utility in stealthy fileless malware attacks targeting Windows users.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly discovered zero-day vulnerability in NGINX, dubbed “nginx-poolslip,” is raising serious concerns across the global cybersecurity community, as it exposes millions of servers to potential remote code execution (RCE) attacks. The vulnerability af…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has disclosed a critical security vulnerability in its Secure Workload platform that could allow unauthenticated attackers to gain high-level administrative access to sensitive enterprise environments. The flaw, tracked as CVE-2026-20223, carries…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Drupal Security Team has issued a warning about a highly critical vulnerability affecting Drupal core, with a security release scheduled for May 20, 2026 (PSA-2026-05-18). The flaw carries a severity rating of 20/25, indicating a significant risk t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly disclosed Linux kernel vulnerability, tracked as CVE-2026-46333, poses a serious risk to SSH private keys and other sensitive credentials. The flaw, present in the kernel since 2016, allows a local attacker to escalate from a basic shell accoun…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A public proof-of-concept (PoC) exploit called “PinTheft” has been released for a newly disclosed Linux kernel flaw that allows local attackers to escalate privileges to root on certain systems. PinTheft is a Linux local privilege escalation (LPE) expl…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly disclosed security flaw in Anthropic’s Claude Code platform has exposed a critical weakness in its network sandbox, potentially allowing attackers to bypass restrictions and exfiltrate sensitive data. The issue, identified by security researche…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly disclosed vulnerability in ExifTool, tracked as CVE-2026-3102, exposes macOS systems to command execution attacks through malicious image metadata, highlighting ongoing risks in widely used file processing tools. ExifTool is a popular utility u…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Verizon DBIR 2026 reveals software vulnerabilities overtook stolen passwords in cyberattacks, with AI helping hackers exploit flaws within hours.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The ongoing TeamPCP software supply chain campaign has compromised the official Microsoft DurableTask Python client, a widely used package for orchestrating workflows in Python applications. Three versions of the durabletask package on PyPI, 1.4.1, 1.4…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
