-
n8n has released urgent security updates to address a critical vulnerability that exposes host systems to Remote Code Execution (RCE). Tracked as CVE-2026-25049, this flaw allows authenticated attackers to escape the expression evaluation sandbox and e…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Moxa has released a critical security advisory addressing a severe vulnerability affecting multiple series of its industrial Ethernet switches. Tracked as CVE-2024-12297, this flaw allows remote attackers to bypass authentication mechanisms, potentiall…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Go team has officially released versions 1.25.7 and 1.24.13. These minor point releases address two distinct security vulnerabilities affecting the cmd/cgo command and the crypto/tls library. The updates are recommended for all users to prevent pot…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Russian state-sponsored hackers, known as APT28 or Fancy Bear, have launched a new wave of cyberattacks targeting government and military organizations across Europe. This sophisticated espionage campaign, observed in late January 2026, targets the the…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new cyber-espionage threat group dubbed Amaranth-Dragon. Active throughout 2025, this group has launched highly targeted attacks against government and law enforcement agencies across Southeast Asia. Evidence links Amaranth-Dragon to APT-41, a notori…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new cyber campaign where attackers are hijacking web servers to redirect visitors to malicious websites . The campaign targets NGINX, a popular web server software, and specifically focuses on servers using the Baota (BT) management panel. The attack…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
WatchGuard has released a critical security update for its Mobile VPN with IPSec client for Windows to address a privilege escalation vulnerability. The flaw, originating in the underlying software provided by NCP engineering, allows local attackers to…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cisco has released a security advisory detailing a high-severity vulnerability in Cisco Meeting Management (CMM). The flaw, caused by improper input validation, allows authenticated remote attackers to upload arbitrary files and potentially execute com…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting VMware ESXi to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2025-22225, this zero-day flaw allows attackers to esca…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
TP-Link has disclosed multiple critical authenticated command injection vulnerabilities affecting the Archer BE230 v1.2 Wi-Fi router, enabling attackers with administrative access to execute arbitrary commands and seize complete control of affected dev…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
