News

High-Severity Vulnerabilities Addressed in Endpoint Manager Mobile Ivanti EPMM security updates Ivanti ITSM vulnerability authenticated privilege escalation Ivanti Xtraction vulnerability CVE-2026-8043 Ivanti EPM RCE, SQL Injection Ivanti EPM, remote code execution CVE-2024-50330 - CVE-2025-0282 and CVE-2025-0283

Ivanti EPMM security updates Ivanti ITSM vulnerability authenticated privilege escalation Ivanti Xtraction vulnerability CVE-2026-8043 Ivanti EPM RCE, SQL Injection Ivanti EPM, remote code execution CVE-2024-50330 - CVE-2025-0282 and CVE-2025-0283

High-Severity Vulnerabilities Addressed in Endpoint Manager Mobile

Do Son June 10, 2026

The development group behind enterprise mobile device management solutions deployed critical patches. Specifically, the latest Ivanti EPMM...

Critical Rclone Command Execution Bug Threatens Cloud Environments rclone command execution execute local commands Rclone RCE CVE-2026-41176

rclone command execution execute local commands Rclone RCE CVE-2026-41176

Critical Rclone Command Execution Bug Threatens Cloud Environments

Do Son June 10, 2026

Widespread Synchronization Tool Exposed to Severe Shell Exploits Cloud storage administrators must review their remote file synchronization...

Critical Veeam Backup Vulnerability Exposed Veeam Backup vulnerability remote code execution Veeam Backup vulnerability Veeam Vulnerabilities CVE-2024-42448 & CVE-2024-42449

Veeam Backup vulnerability remote code execution Veeam Backup vulnerability Veeam Vulnerabilities CVE-2024-42448 & CVE-2024-42449

Critical Veeam Backup Vulnerability Exposed

Do Son June 10, 2026

A critical Veeam Backup vulnerability threatens enterprise backup servers running older software versions. This severe flaw allows...

Critical FortiSandbox Flaw Requires Immediate Patching CVE-2026-25089 CVE-2023-45590

CVE-2026-25089 CVE-2023-45590

Critical FortiSandbox Flaw Requires Immediate Patching

Do Son June 10, 2026

A critical security vulnerability tracks as CVE-2026-25089 inside the Fortinet ecosystem. This dangerous flaw scores a high...

Critical TinyMCE Cross Site Scripting Flaws Threaten Millions of Applications TinyMCE cross site scripting stored XSS vulnerability

TinyMCE cross site scripting stored XSS vulnerability

Critical TinyMCE Cross Site Scripting Flaws Threaten Millions of Applications

Do Son June 10, 2026

Large-Scale Content Editor Flaws Expose Enterprise Platforms A widespread security alert has emerged for web developers utilizing...

MBS Universal Gateway Flaws Threaten Building Automation Networks Haskell TLS vulnerability CVE-2026-9648, X.509 NameConstraints, crypton-x509-validation MBS Universal Gateway flaws stack buffer overflow bugs SystemLink authentication bypass privilege escalation bug Cache Warmer RCE flaw Magento PHP object injection

Haskell TLS vulnerability CVE-2026-9648, X.509 NameConstraints, crypton-x509-validation MBS Universal Gateway flaws stack buffer overflow bugs SystemLink authentication bypass privilege escalation bug Cache Warmer RCE flaw Magento PHP object injection

MBS Universal Gateway Flaws Threaten Building Automation Networks

Do Son June 10, 2026

Multiple Software Vulnerabilities Discovered in Underlying Web GUI Firmware MBS GmbH has issued an urgent security notice...

Spring Framework Security Vulnerabilities Addressed in Critical Maintenance Updates

Spring framework security vulnerabilities authentication bypass threat

Spring Framework Security Vulnerabilities Addressed in Critical Maintenance Updates

Do Son June 9, 2026

Multiple Flaws Threaten Enterprise Java Deployments Across Clusters The enterprise development team managing the Java cloud ecosystem...

New MagicAd Android Trojan Bypasses OS Restrictions to Flood Devices with Ads MagicAd Android trojan GetApps malware distribution

MagicAd Android trojan GetApps malware distribution

New MagicAd Android Trojan Bypasses OS Restrictions to Flood Devices with Ads

Do Son June 9, 2026

Severe Mobile Security Threats Emerge Security analysts have discovered a dangerous new mobile threat affecting thousands of...

Strategic Value: Google Slashes AI Plus Subscription Fees While Doubling Storage Google AI Plus subscription

Google AI Plus subscription

Strategic Value: Google Slashes AI Plus Subscription Fees While Doubling Storage

Do Son June 9, 2026

Google recently finalized a substantial price reduction for its Google AI Plus subscription tier. Specifically, the monthly...

Decentralized Diffusion: Z-Library Upgrades Mirror Infrastructure to Evade Seizures Z-Library mirror network

Z-Library mirror network

Decentralized Diffusion: Z-Library Upgrades Mirror Infrastructure to Evade Seizures

Do Son June 9, 2026

Recently, the shadow repository known as Z-Library announced an overhaul of its mirror architecture. Consequently, any individual...

Structured Expiration: Microsoft Enforces Comprehensive Lifecycle Management for OneDrive OneDrive data retention policy

OneDrive data retention policy

Structured Expiration: Microsoft Enforces Comprehensive Lifecycle Management for OneDrive

Do Son June 9, 2026

In January 2025, Microsoft initiated structural enhancements to the data retention protocols within OneDrive for Business. Consequently,...

Malicious Traffic Routing Stack Exploited to Spread Global Malware malicious traffic routing Check Point research report

malicious traffic routing Check Point research report

Malicious Traffic Routing Stack Exploited to Spread Global Malware

Do Son June 9, 2026

Cloned Portals Hijack Open-Source Search Traffic Cybercriminals are finding innovative ways to exploit standard internet search habits....

Argamal Trojan Campaign Targets Adult Gamers with COM Hijacking Argamal Trojan campaign Kaspersky malware analysis

Argamal Trojan campaign Kaspersky malware analysis

Argamal Trojan Campaign Targets Adult Gamers with COM Hijacking

Do Son June 9, 2026

A dangerous new electronic threat is currently targeting individuals who download adult video games online. Security researchers...

SAP Security Patch Day: Critical Security Vulnerabilities Remediated SAP security patch day critical security vulnerabilities SAP SQL Injection April 2026 Patch Day SAP Security, Critical Vulnerabilities Security Patch Day CVE-2025-42944

SAP security patch day critical security vulnerabilities SAP SQL Injection April 2026 Patch Day SAP Security, Critical Vulnerabilities Security Patch Day CVE-2025-42944

SAP Security Patch Day: Critical Security Vulnerabilities Remediated

Do Son June 9, 2026

Large-Scale Updates Protect Enterprise Infrastructure Assets The security team managing the enterprise resource planning ecosystem released vital...

Sophisticated TA4922 Cybercrime Operations Expand Globally Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Kali365 phishing platform EmEditor Supply Chain Attack, WALSHAM INVESTMENTS LIMITED EggStreme, fileless malware North Korea Cybercrime, Remote IT Job Fraud RedDelta APT

Sophisticated TA4922 Cybercrime Operations Expand Globally

Do Son June 9, 2026

The Rising Threat of TA4922 A prominent cybersecurity research group recently exposed a highly active threat cluster...

Seamless Interoperability: Apple Notes Optimizes Markdown Integration in iOS 27 Apple Notes Markdown support

Apple Notes Markdown support

Seamless Interoperability: Apple Notes Optimizes Markdown Integration in iOS 27

Do Son June 9, 2026

In iOS 26, Apple introduced Markdown exportation for its native Notes application. Previously, the utility restricted document...

Market Shockwave: OpenAI Confidentially Files for Historic Public Offering

OpenAI confidential IPO filing OpenAI code signing certificate rotation AI private equity joint ventures OpenAI Axios Supply Chain Attack OpenAI Promptfoo acquisition OpenAI military resignation ChatGPT Plus military fraud OpenAI smart speaker Jony Ive OpenAI Frontier platform ChatGPT AI age prediction 2026, OpenAI Persona age verification Sarah Friar OpenAI infrastructure, AI Scaling Law revenue OpenAI Gumdrop AI pen, Jony Ive OpenAI hardware 2027 OpenAI New CRO, Denise Dresser Monetization Strategy OpenAI Competitive Pressure Gemini 3 Overtake OpenAI Infrastructure, AI Closed Loop Economy

Market Shockwave: OpenAI Confidentially Files for Historic Public Offering

Do Son June 9, 2026

On June 8, OpenAI unexpectedly announced its confidential submission for an initial public offering to the SEC....

Automated Fortification: iOS 27 Introduces AI-Driven Password Rectification WWDC 2026 iOS 27

WWDC 2026 iOS 27

Automated Fortification: iOS 27 Introduces AI-Driven Password Rectification

Do Son June 9, 2026

Presently, most credential managers evaluate password integrity. Specifically, they cross-reference user data with known breach databases. When...

Critical Kemp LoadMaster Flaws Expose Network Appliances to RCE Kemp LoadMaster flaws command injection remote execution Kemp LoadMaster Vulnerability WAF Bypass Technique Progress WhatsUp Gold Vulnerabilities

Kemp LoadMaster flaws command injection remote execution Kemp LoadMaster Vulnerability WAF Bypass Technique Progress WhatsUp Gold Vulnerabilities

Critical Kemp LoadMaster Flaws Expose Network Appliances to RCE

Do Son June 9, 2026

Severe Infrastructure Exposure Discovered Enterprise network administrators must update their system appliances immediately. The Progress software provider...

Emergency Patch Release Secures Apache HTTP Server Deployments Against Remote Attacks Apache HTTP Server patches buffer overflow vulnerabilities CVE-2022-36760

Apache HTTP Server patches buffer overflow vulnerabilities CVE-2022-36760

Emergency Patch Release Secures Apache HTTP Server Deployments Against Remote Attacks

Do Son June 9, 2026

Multiple Memory Exploits Resolved in Major Version 2.4.68 Maintenance Cycle The development group managing the global web...

🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

CVE-2026-12569
A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill PDMlink and PTC FlexPLM. The...
CVE-2026-20230CVSS 8.6
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified...
CVE-2026-28496CVSS 9.4
FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template...
CVE-2026-21509CVSS 7.8
Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a...
CVE-2026-34908CVSS 10.0
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi...
CVE-2026-34909CVSS 10.0
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS...
CVE-2026-34910CVSS 10.0
A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi...
CVE-2025-67038CVSS 9.8
An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell command to write...
CVE-2024-23692CVSS 9.8
Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This...
CVE-2026-48907
A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated...