risk

April 21, 2026

The Trojan Horse in Your Inbox: How Attackers Are Weaponizing GitHub Issue Notifications

In a sophisticated evolution of social engineering, threat actors are no longer just sending fake emails; they are hijacking the…
Read More »
April 21, 2026

Critical Exposure Alert: Over 6,000 Apache ActiveMQ Instances Vulnerable to Remote Code Execution

In a significant blow to enterprise perimeter security, a massive wave of internet-facing Apache ActiveMQ brokers has been identified as…
Read More »
April 21, 2026

Critical RCE Vulnerability Discovered in SGLang: How Malicious GGUF Models Can Compromise Inference Servers

In an era where AI infrastructure speed is prioritized, a significant security oversight has been uncovered within SGLang, a high-performance…
Read More »
April 21, 2026

Stealth by Design: Unpacking the Sophisticated ‘Stealtok’ Malicious Extension Campaign

In a sobering reminder of how easily trust can be exploited, security researchers at LayerX have exposed a highly coordinated…
Read More »
April 21, 2026

Machine-Speed Exploitation: How Frontier AI is Redefining the Cyber Threat Landscape

We are witnessing a fundamental paradigm shift in offensive cyber operations. Artificial Intelligence is moving beyond its role as a…
Read More »
April 20, 2026

The Anthropic Paradox: Inside the NSA’s Secret Use of Mythos AI

The National Security Agency (NSA) has quietly integrated Anthropic’s highly restricted “Mythos” artificial intelligence model into its toolkit, operating in…
Read More »
April 20, 2026

The Core of AI Safety: A Systemic Vulnerability in Anthropic’s MCP Protocol

On April 15, 2026, a critical discovery was made regarding the Model Context Protocol (MCP). Research by OX Security reveals…
Read More »
April 20, 2026

Notion Data Leak Exposes Editor Email Addresses Without Authentication

Security researchers have confirmed that any public Notion page now leaks the full names, email addresses, and profile pictures of…
Read More »
April 20, 2026

Critical Vulnerabilities Discovered in Gardyn Home Kit Systems

A recently updated advisory from the Cybersecurity and Infrastructure Security Agency (CISA) has revealed severe vulnerabilities in Gardyn Home Kit…
Read More »
April 20, 2026

NIST Restructures NVD Operations to Tackle Record CVE Growth

According to a recent announcement from the National Institute of Standards and Technology (NIST), the agency is fundamentally restructuring how…
Read More »
April 17, 2026

TP-Link Routers Under Attack: Mirai Exploitation via Critical Vulnerability

Active scanning campaigns are targeting vulnerable TP-Link home routers to deploy Mirai-style malware, exploiting the CVE-2023-33538 vulnerability in a new…
Read More »
April 17, 2026

Critical FortiSandbox Vulnerability CVE-2026-39808: Public Exploit Now Available

A proof-of-concept (PoC) exploit has been publicly released for a critical security flaw in Fortinet’s FortiSandbox, putting thousands of networks…
Read More »
April 17, 2026

Critical Flaw in Anthropic’s MCP Protocol Exposes Systems to Remote Command Execution

OX Security researchers have uncovered a critical, systemic vulnerability embedded directly in the architecture of Anthropic’s Model Context Protocol (MCP),…
Read More »
April 17, 2026

Still Using FTP? 6 Million Exposed Servers Remain Security Risk

A recent security brief from internet intelligence firm Censys reveals that despite its 55-year history, the File Transfer Protocol (FTP)…
Read More »
April 16, 2026

Proton VPN Impersonation Exposes NWHStealer: A Sophisticated Malware Campaign

Multiple ongoing malware campaigns are deploying the sophisticated information-stealing trojan, designated as NWHStealer, via deceptive VPN installer packages, gaming modifications,…
Read More »
April 16, 2026

Critical Vulnerabilities in Cisco ISE Pose Remote Code Execution Risk

Networking giant Cisco has issued an urgent security advisory warning of two newly discovered vulnerabilities impacting its Identity Services Engine…
Read More »
April 16, 2026

Exposed: Over 1,250 Command and Control Servers Active in Russian Hosting Providers

New research reveals a startling reality within Russian networks: over 1,250 active command-and-control (C2) servers have been operating across 165…
Read More »
April 16, 2026

Critical Nginx-UI Vulnerability CVE-2026-33032 Allows Full Server Takeover

A Critical-rated security flaw (CVE-2026-33032) in nginx-ui – a widely deployed open-source interface for Nginx server management – is actively…
Read More »
April 16, 2026

Splunk Rattles with High-Severity Flaw Enabling Remote Server Takeover (CVE-2026-20204)

Splunk has issued a security advisory for a critical vulnerability affecting its Enterprise and Cloud Platform environments. Tracked as CVE-2026-20204…
Read More »
April 15, 2026

Your Privacy Opt-Out Is Being Ignored by Google, Microsoft, and Meta

A bombshell independent audit has caught some of the world’s biggest technology companies red-handed — continuing to track users who…
Read More »

Previous page Next page