-
React2Shell (CVE-2025-55182) is a critical, pre-auth remote code execution weakness in React Server Components that impacts multiple React versions used across the React 19 ecosystem. WXA Internet Abuse Signal Collective (WXA IASC) is inaugurating To C…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
SAP said the February 10, 2026 Patch Day delivered fixes across multiple SAP products and urged customers to apply patches with priority via the Support Portal to protect their SAP landscape. The highest-risk item highlighted this month is CVE-2026-048…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A newly documented Windows vulnerability, CVE-2026-20817, impacts the Windows Error Reporting Service (WER) and enables local privilege escalation. The issue matters because WER runs as NT AUTHORITY\SYSTEM, so any mistake in its permission checks can b…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A serious security flaw has been discovered in Axios, one of the most popular HTTP client libraries for Node.js, allowing attackers to crash servers and trigger denial-of-service (DoS) attacks. The vulnerability, tracked as CVE-2026-25639, affects all …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft is currently tackling a significant service degradation within Exchange Online that is disrupting business communications by incorrectly flagging legitimate emails as phishing attempts. The incident, tracked under the identifier EX1227432, be…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated new cyber campaign has been detected targeting Ivanti Endpoint Manager Mobile (EPMM) systems. Starting on February 4, 2026, threat actors began exploiting two critical vulnerabilities, CVE-2026-1281 and CVE-2026-1340, to plant dormant b…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical “zero-click” vulnerability in Claude Desktop Extensions (DXT) that allows attackers to compromise a computer using nothing more than a Google Calendar event. The flaw, which has been assigned a maximum severity score of CVSS 10/1…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The European Commission reports a cyber attack on its central mobile infrastructure that may have exposed staff names and phone numbers.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The European Commission successfully contained a cyberattack targeting its mobile device management infrastructure on January 30, 2026. The incident, which potentially exposed staff names and mobile numbers, was neutralized within nine hours of detecti…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors are actively exploiting critical vulnerabilities in SolarWinds Web Help Desk (WHD) to deploy custom malware and establish persistent remote control. Security researchers observed these attacks starting on February 7, 2026, targeting organ…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
