-
A critical security flaw has been identified in CentOS 9 that allows a local user to escalate their privileges to root. The vulnerability, which stems from a Use-After-Free (UAF) condition in the Linux kernel’s networking subsystem, was awarded f…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity vulnerability affecting SmarterTools SmarterMail to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2026-24423, this flaw is actively being weaponiz…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Automated investment platform Betterment has confirmed a data breach affecting approximately 1.4 million customers. The incident, which occurred in January 2026, was the result of a targeted social engineering attack rather than a direct exploit of the…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
n8n has released urgent security updates to address a critical vulnerability that exposes host systems to Remote Code Execution (RCE). Tracked as CVE-2026-25049, this flaw allows authenticated attackers to escape the expression evaluation sandbox and e…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Moxa has released a critical security advisory addressing a severe vulnerability affecting multiple series of its industrial Ethernet switches. Tracked as CVE-2024-12297, this flaw allows remote attackers to bypass authentication mechanisms, potentiall…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Go team has officially released versions 1.25.7 and 1.24.13. These minor point releases address two distinct security vulnerabilities affecting the cmd/cgo command and the crypto/tls library. The updates are recommended for all users to prevent pot…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Russian state-sponsored hackers, known as APT28 or Fancy Bear, have launched a new wave of cyberattacks targeting government and military organizations across Europe. This sophisticated espionage campaign, observed in late January 2026, targets the the…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new cyber-espionage threat group dubbed Amaranth-Dragon. Active throughout 2025, this group has launched highly targeted attacks against government and law enforcement agencies across Southeast Asia. Evidence links Amaranth-Dragon to APT-41, a notori…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new cyber campaign where attackers are hijacking web servers to redirect visitors to malicious websites . The campaign targets NGINX, a popular web server software, and specifically focuses on servers using the Baota (BT) management panel. The attack…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
WatchGuard has released a critical security update for its Mobile VPN with IPSec client for Windows to address a privilege escalation vulnerability. The flaw, originating in the underlying software provided by NCP engineering, allows local attackers to…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
