News

Cache Warmer RCE Flaw Patched in Magento Extension Haskell TLS vulnerability CVE-2026-9648, X.509 NameConstraints, crypton-x509-validation MBS Universal Gateway flaws stack buffer overflow bugs SystemLink authentication bypass privilege escalation bug Cache Warmer RCE flaw Magento PHP object injection

Haskell TLS vulnerability CVE-2026-9648, X.509 NameConstraints, crypton-x509-validation MBS Universal Gateway flaws stack buffer overflow bugs SystemLink authentication bypass privilege escalation bug Cache Warmer RCE flaw Magento PHP object injection

Cache Warmer RCE Flaw Patched in Magento Extension

Do Son June 1, 2026

A critical security vulnerability now threatens thousands of e-commerce storefronts globally. Specifically, security researchers uncovered a severe...

Advanced China-Nexus Group Strikes Southeast Asian Networks custom Linux router implant router DNS hijacking

custom Linux router implant router DNS hijacking

Advanced China-Nexus Group Strikes Southeast Asian Networks

Do Son June 1, 2026

A sophisticated cyber espionage campaign is currently striking enterprise operations across Southeast Asia. Specifically, a China-nexus group...

Sophisticated Android Banking Trojan Threat Evades Detection via High-Trust Lures

Android banking trojan threat credential harvesting overlays

Sophisticated Android Banking Trojan Threat Evades Detection via High-Trust Lures

Do Son June 1, 2026

Recently, global cybersecurity researchers uncovered a massive wave of mobile fraud hitting international consumers. This hazardous operation...

Sophisticated GPU Cryptojacking Campaign Surfaced by Microsoft Experts Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Cemu emulator Linux malware Blitz Brigantine AOBackdoor GitHub Malware Campaign StealC Infostealer TamperedChef Malware, SEO Poisoning Carbanak malware RubyGems Supply Chain, Infostealer

Sophisticated GPU Cryptojacking Campaign Surfaced by Microsoft Experts

Do Son June 1, 2026

Microsoft Defender Experts recently identified a highly targeted digital threat spreading across the internet. Specifically, a dangerous...

AI Honeypots Snare Decentralized Cryptominer Dropper P2P cryptominer malware threat Ollama endpoint attacks IoT Botnets DDoS Attacks

P2P cryptominer malware threat Ollama endpoint attacks IoT Botnets DDoS Attacks

AI Honeypots Snare Decentralized Cryptominer Dropper

Do Son June 1, 2026

Security analysts recently discovered a sophisticated digital hazard targeting artificial intelligence environments. Specifically, the Akamai Security Intelligence...

Severe Plesk Privilege Escalation Flaw Patched in Linux Versions

Plesk privilege escalation flaw CVE-2026-44962 patch Plesk LPE, Root Command Execution

Severe Plesk Privilege Escalation Flaw Patched in Linux Versions

Do Son June 1, 2026

A dangerous security vulnerability has been uncovered within a widely used web hosting control panel. Specifically, a...

The Windows 10 Sunset: HP’s Market Opportunity and the Consumer ESU Deadline Windows 10 extended support Windows 10 MSMQ Bug, KB5071546 Write Permissions Windows 10 EOL, LTSB Support Windows User Base, Active Devices KB5052819

Windows 10 extended support Windows 10 MSMQ Bug, KB5071546 Write Permissions Windows 10 EOL, LTSB Support Windows User Base, Active Devices KB5052819

The Windows 10 Sunset: HP’s Market Opportunity and the Consumer ESU Deadline

Do Son June 1, 2026

The Twilight of Windows 10 Support Microsoft recently terminated standard security support for the consumer edition of...

The Dawn of AV2: AOMedia Finalizes Next-Generation Video Compression AV2 codec v1.0.0 release

AV2 codec v1.0.0 release

The Dawn of AV2: AOMedia Finalizes Next-Generation Video Compression

Do Son June 1, 2026

The Evolution of the v1.0.0 Milestone The Alliance for Open Media (AOMedia) recently unveiled the inaugural v1.0.0...

Liquidjs CVSS 10 RCE Threatens 7.3M Monthly Users Liquidjs remote code execution template engine vulnerability

Liquidjs remote code execution template engine vulnerability

Liquidjs CVSS 10 RCE Threatens 7.3M Monthly Users

Do Son June 1, 2026

Security researchers recently uncovered a maximum-severity flaw in a highly popular template engine. Specifically, this newly disclosed...

Netlogon RCE Vulnerability Under Active Attack in the Wild

HTTP.sys RCE vulnerability, Windows HTTP stack exploit, CVE-2026-47291 Netlogon RCE vulnerability Exploited in the wild Secure Boot certificate renewal 2026, Windows 11 UEFI update Community-First AI Infrastructure, Microsoft self-funding energy mandate aka.ms/aoh online portal CVE-2025-55681, Windows DWM Elevation Windows Administrator Protection, CVE-2025-60718 Microsoft AI Compute, IREN Infrastructure Microsoft Japan PPA, Renewable Energy Microsoft AI Investment, Cloud Expansion Microsoft Azure, Startup Credits Infinite Workday, AI in Work Microsoft Russia, Bankruptcy AI code generation, Microsoft AI Microsoft Layoffs, Restructuring

Netlogon RCE Vulnerability Under Active Attack in the Wild

Do Son June 1, 2026

Cybercriminals are actively targeting corporate networks by utilizing a freshly uncovered security flaw. Specifically, attackers are abusing...

Critical Langroid Vulnerability Allows RCE via Prompt Injection Langroid vulnerability RCE prompt injection

Langroid vulnerability RCE prompt injection

Critical Langroid Vulnerability Allows RCE via Prompt Injection

Do Son June 1, 2026

Researchers from CMU and UW-Madison discovered a critical security flaw in Langroid, a Python framework for LLM...

IBM Aspera Vulnerabilities Patched in New Security Bulletin IBM Aspera vulnerabilities remote code execution

IBM Aspera vulnerabilities remote code execution

IBM Aspera Vulnerabilities Patched in New Security Bulletin

Do Son June 1, 2026

IBM has released an urgent security bulletin fixing multiple security flaws. These new IBM Aspera vulnerabilities affect...

Weekly Threat Intelligence: May 25 to May 31, 2026 Weekly Threat Intelligence Active Vulnerability Report

Weekly Threat Intelligence Active Vulnerability Report

Weekly Threat Intelligence: May 25 to May 31, 2026

Do Son June 1, 2026

Welcome to your weekly threat intelligence briefing. The cybersecurity landscape shifted dramatically between May 25 and May...

Notepad++ Exploit Code and Flaws Publicly Disclosed Notepad++ exploit code arbitrary code execution

Notepad++ exploit code arbitrary code execution

Notepad++ Exploit Code and Flaws Publicly Disclosed

Do Son June 1, 2026

Security researchers have publicly disclosed critical flaws in the popular text editor Notepad++. Specifically, the disclosure includes...

Critical FreeBSD Kernel Buffer Overflow Disclosed: Public Details & PoC Out

FreeBSD kernel buffer overflow public exploit code released

Critical FreeBSD Kernel Buffer Overflow Disclosed: Public Details & PoC Out

Do Son June 1, 2026

Security researchers recently published a detailed analysis of a significant vulnerability in modern operating systems. Specifically, this...

Critical Eppendorf Bioreactor Security Flaw Disclosed

Critical Eppendorf Bioreactor Security Flaw Disclosed

Do Son June 1, 2026

An urgent industrial control security warning has been issued for laboratory facilities. Specifically, researchers discovered a critical...

Critical MCP Toolbox Vulnerability Exposes Enterprise Databases MCP Toolbox vulnerability session hijacking

MCP Toolbox vulnerability session hijacking

Critical MCP Toolbox Vulnerability Exposes Enterprise Databases

Do Son May 31, 2026

Security researchers recently uncovered a critical MCP Toolbox vulnerability affecting open-source enterprise database connectors. The underlying software...

Comet Backup Server Flaw Exposes Remote Customer Data Comet Backup RCE vulnerability CVE-2026-32999 patch Comet Backup IDOR Cross-Tenant Takeover

Comet Backup RCE vulnerability CVE-2026-32999 patch Comet Backup IDOR Cross-Tenant Takeover

Comet Backup Server Flaw Exposes Remote Customer Data

Do Son May 31, 2026

A critical security flaw has disrupted the enterprise backup landscape this week. Specifically, a severe Comet Backup...

FIFA Website Spoofing Scams: FBI Issues Major World Cup Warning FIFA website spoofing scams FBI World Cup alert Pig Butchering Scam Jingliang Su Sentencing Meta China Scam Ads, Zuckerberg Revenue Conflict Trading Bot Scam BEC Scam Rental Payment Fraud

FIFA website spoofing scams FBI World Cup alert Pig Butchering Scam Jingliang Su Sentencing Meta China Scam Ads, Zuckerberg Revenue Conflict Trading Bot Scam BEC Scam Rental Payment Fraud

FIFA Website Spoofing Scams: FBI Issues Major World Cup Warning

Do Son May 31, 2026

The Federal Bureau of Investigation recently issued a critical safety warning regarding the upcoming 2026 World Cup...

SolyxImmortal Info Stealer Exploits Systems via Discord SolyxImmortal info stealer Discord webhooks

SolyxImmortal info stealer Discord webhooks

SolyxImmortal Info Stealer Exploits Systems via Discord

Do Son May 31, 2026

Security researchers recently discovered a highly dangerous new asset targeting worldwide internet users. Specifically, the SolyxImmortal info...

🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

CVE-2026-20230CVSS 8.6
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified...
CVE-2026-12569
A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill PDMlink and PTC FlexPLM. The...
CVE-2026-28496CVSS 9.4
FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template...
CVE-2026-21509CVSS 7.8
Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a...
CVE-2026-34908CVSS 10.0
A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi...
CVE-2026-34909CVSS 10.0
A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS...
CVE-2026-34910CVSS 10.0
A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi...
CVE-2025-67038CVSS 9.8
An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell command to write...
CVE-2024-23692CVSS 9.8
Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This...
CVE-2026-48907
A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated...