vulnerabilities
-
TA446 Uses DarkSword Exploit Kit to Target iPhone Users
Russia-linked espionage group TA446 has initiated a new phishing campaign using the DarkSword exploit kit to compromise iOS devices, leveraging…
Read More » -
Hackers Implant Stealthy BPFdoor Backdoors in Telecom Networks for Persistent Access
A China-nexus threat actor known as Red Menshen is planting stealthy backdoors deep inside global telecommunications networks. According to a…
Read More » -
BIND 9 Security Flaws Allow Attackers to Bypass Security Controls and Crash Servers
The Internet Systems Consortium (ISC) has released critical security advisories addressing three new vulnerabilities in the widely used BIND 9…
Read More » -
Critical Ivanti EPMM Vulnerabilities Expose Systems to Arbitrary Code Execution Attacks
In February 2026, threat actors actively exploited two critical remote code execution (RCE) vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM).…
Read More » -
CISA Issues Urgent Warning on Langflow Code Injection Vulnerability Actively Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical code-injection vulnerability discovered within Langflow.…
Read More » -
Multiple Vulnerabilities in TP-Link Devices Enable Arbitrary Command Execution
TP-Link disclosed a critical security advisory revealing four high-severity vulnerabilities impacting its Archer NX200, NX210, NX500, and NX600 router series.…
Read More » -
DarkSword Exploit Chain Leaked Online, Posing Risk to Millions of iPhones
Security experts haveverified that the advanced iOS exploit chain known as DarkSword is now accessible outside of its original threat…
Read More » -
Russian Access Broker Jailed for Facilitating Ransomware Attacks Targeting U.S. Companies
A United States federal court sentenced Aleksei Volkov, a 26-year-old Russian national, to 81 months in prison for operating as…
Read More » -
Roundcube Releases Urgent Security Update to Fix Critical Bugs
Roundcube Webmail has issued an urgent security update addressing eight critical vulnerabilities discovered by independent security researchers. This release, version…
Read More » -
$30 IP-KVM Flaws Could Enable BIOS-Level Enterprise Network Attacks
Recent threat research exposes a critical security crisis with low-cost IP-KVM devices, revealing nine vulnerabilities across four prominent vendors. These…
Read More » -
CISA Warns of Craft CMS Code Injection Flaw Exploited in Active Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting Craft CMS to its Known Exploited…
Read More » -
CISA Issues Warning on Apple Vulnerabilities Exploited Through DarkSword iOS Chain
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding three critical security flaws affecting the Apple…
Read More » -
VoidStealer Malware Cracks Chrome’s Master Encryption Key with Novel Hardware Breakpoint Technique
An information stealer called VoidStealer employs a novel technique to bypass Chrome’s Application-Bound Encryption (ABE) and extract the master key…
Read More » -
Oracle Fixes High-Severity RCE Vulnerability Affecting Identity and Web Services Platforms
Oracle recently issued an urgent security alert regarding a critical Remote Code Execution (RCE) flaw that impacts both Oracle Identity…
Read More » -
Phishing Campaign Targeting Signal and WhatsApp Users Linked to Russian Intelligence
Russian intelligence-linked threat actors are actively targeting users of encrypted messaging apps such as Signal and WhatsApp through phishing campaigns…
Read More » -
CISA Warns Cisco Secure Firewall Management Center 0-Day Is Being Exploited in Ransomware Attacks
The Cybersecurity and Infrastructure SecurityAgency (CISA) has issued an urgent warning concerning a critical zero-day vulnerability actively exploited in targeted…
Read More » -
Chrome Security Update Fixes 26 Vulnerabilities Enabling Remote Malicious Code Execution
Google has released a critical security update for its Chrome desktop web browser, addressing 26 distinct vulnerabilities that could enable…
Read More » -
New Critical Jenkins Vulnerabilities Put CI/CD Servers at Risk of RCE Exploits
Jenkins disclosed a critical security advisory addressing multiple vulnerabilities impacting its core automation server and the LoadNinja plugin. These flaws…
Read More »