At a glance Malware family ErrTraffic (ClickFix distribution framework / TDS, sold as MaaS) Threat actor Sold...
News
At a glance CVE CVE-2026-55518 CVSS 9.6 (Critical) Product / vendor Avo admin panel framework / Avo...
Database administrators have urgent patching to do. The pgAdmin team has fixed three critical pgAdmin 4 vulnerabilities,...
TL;DR FreeBSD has patched a kernel flaw, CVE-2026-45257, that hands local root to any unprivileged user. This...
TL;DR QNAP has patched 14 vulnerabilities affecting its QTS, QuTS hero, QuTS cloud, and QVP systems. The...
At a glance Malware Family: shai_hulululud (Protestware/Testing) Threat Actor: Unknown (Suspected researcher or troll) Targets: AI-based malware...
Cybercriminals are actively exploiting ArcGIS Account Recovery configurations to penetrate customer environments. Esri confirms these targeted attempts...
A clever new phishing technique skips the password entirely. ReversingLabs has uncovered an active device code phishing...
Security researchers have uncovered GlassWASM malware, a stealthy threat hiding inside trojanized Visual Studio Code extensions. Socket’s...
Poland’s national cyber team has sounded the alarm. A fresh UNC1151 Gmail phishing campaign is hunting credentials...
A two-year look at a shared ransomware ecosystem IBM X-Force has released long-term research into the Interlock...
Around one million WordPress sites just got an urgent reason to patch. A critical Avada Builder...
Genians Security Center recently confirmed the continued distribution of compiled Python-based malware. This threat targets Korean users...
Color-coding enthusiasts have a real reason to celebrate. Google is finally retiring Calendar’s long-standing limit of 11...
On the morning of June 19, a server anomaly within Claude Code erroneously obscured users’ weekly quotas....
Rebora Security Research recently uncovered severe Chrome extension vulnerabilities. These critical flaws impact two widely used AI...
Apple’s walled garden has another crack in it. Following the EU’s Digital Markets Act, Brazil has become...
F5 has issued out-of-band patches for two serious flaws in its NGINX web server. The critical NGINX...
Unauthenticated RCE hits iba industrial software A critical iba deserialization vulnerability could let remote attackers run arbitrary...
A one-line bug that survived 27 years Researchers at Argus have publicly disclosed an OpenBSD authentication bypass...
Critical bug exposes LiteLLM management routes A newly disclosed LiteLLM authentication bypass could let unauthenticated attackers...
Unauthenticated upload exposes Langflow servers A newly published Langflow file upload flaw lets anyone with network...