Welcome to your weekly vulnerability digest. As we transition from April to May, attackers are weaponizing critical...
cybersecurity
Security researchers at Snyk have issued a warning regarding active, in-the-wild exploitation of Qinglong (青龙), a widely...
Security researchers at Hunt Intelligence have dismantled the operational blueprint of a new Mirai-derived botnet dubbed xlabs_v1....
Security researchers at Socket have uncovered a coordinated software supply chain campaign orchestrated through the GitHub account...
Security researchers have uncovered a supply-chain attack on npm targeting developers who mistakenly install the unscoped tanstack...
Security researchers at Socket have identified a major expansion of the “Mini Shai-Hulud” supply chain campaign, which...
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added CVE-2026-31431 to its Known Exploited Vulnerabilities (KEV)...
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning, adding a critical vulnerability in...
Security researchers have identified two significant vulnerabilities in libmodsecurity3, the core library of the ModSecurity v3 project....
Security researchers at Bitdefender Labs have uncovered a massive, ongoing “smishing” (SMS phishing) operation that called Operation...
While analyzing global smishing operations spanning APAC, LATAM, Europe, and MEA, Group-IB researchers have uncovered a centralized...
Researchers at Forcepoint X-Labs have recently identified a clever phishing campaign targeting everyday consumers by impersonating the...
Security researchers at Iru have detailed a sophisticated new threat targeting macOS users through the software supply...
Wazuh, the widely deployed open-source platform for threat detection and response, has addressed a critical path traversal...
NVIDIA has released a critical software update for NVIDIA NemoClaw, addressing a high-severity vulnerability that could allow...
In the fast-moving world of AI-assisted development, a significant security oversight has been uncovered in Cursor, a...
A new investigation by Check Point Research (CPR) has revealed that the “ambitious” VECT 2.0 ransomware—currently targeting...
The Jenkins project has released a security advisory, addressing several vulnerabilities across its plugin ecosystem. The fixes...
A critical vulnerability has been identified in the Snap One WattBox 800 and 820 series power controllers....
NVIDIA has issued an urgent software update for the NVIDIA FLARE SDK, addressing multiple security vulnerabilities that...
Full Exploit Disclosed: Public PoC and Technical Details Released for Critical ProFTPD SQL Injection
Full Exploit Disclosed: Public PoC and Technical Details Released for Critical ProFTPD SQL Injection
Analysts from ZeroPath Research have uncovered a critical SQL injection vulnerability within the mod_sql extension of ProFTPD,...
Checkmarx, a global leader in application security testing, has disclosed a significant breach of its internal systems....