Sysdig TRT

SaaS-Style Cybercrime: Attackers Weaponize Langflow RCE and NATS Messaging for Ultra-Scalable C2 NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

NATS-as-C2 Sysdig CVE-2026-33017 Langflow RCE Microsoft Phone Link Hijack CloudZ Pheno Plugin Insider Threat BlackCat (ALPHV) OFAC Sanctions DPRK IT Workers Transparent Tribe APT36 React2Shell, EtherRAT SideWinder Espionage, Netlify Phishing DDNS Abuse, C2 Infrastructure Hacking Health Club

SaaS-Style Cybercrime: Attackers Weaponize Langflow RCE and NATS Messaging for Ultra-Scalable C2

Do Son May 18, 2026

A sophisticated new command-and-control (C2) technique has emerged, revealing threat actors who operate more like modern SaaS...

PraisonAI CVE-2026-44338 Exploited in the Wild Hours After Patch Disclosure PraisonAI Authentication Bypass Exploited in the Wild CVE-2026-44338

PraisonAI Authentication Bypass Exploited in the Wild CVE-2026-44338

PraisonAI CVE-2026-44338 Exploited in the Wild Hours After Patch Disclosure

Do Son May 13, 2026

A new report from the Sysdig Threat Research Team (TRT) reveals that on May 11, 2026, a...

CVE-2026-33626: High-Severity SSRF Exploited in the Wild to Hijack AI Inference Engines CVE-2026-33626 LMDeploy SSRF

CVE-2026-33626 LMDeploy SSRF

CVE-2026-33626: High-Severity SSRF Exploited in the Wild to Hijack AI Inference Engines

Do Son April 23, 2026

On April 21, 2026, a high-severity Server-Side Request Forgery (SSRF) vulnerability was disclosed in LMDeploy, a popular...

🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

CVE-2026-28496CVSS 9.4
FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template...
Admin intel🗓 Updated: Jun 25, 2026
CVE-2026-12569
PTC Windchill and FlexPLM contains an improper input validation vulnerability allowing an unauthenticated, remote attacker to execute arbitrary...
🗓 Added to KEV: Jun 25, 2026
CVE-2025-67038CVSS 9.8
Lantronix EDS5000 contains a code injection vulnerability that could allow attackers to inject arbitrary OS commands into the...
🗓 Added to KEV: Jun 23, 2026
CVE-2026-34910CVSS 10.0
Ubiquiti UniFi OS contains an improper input validation vulnerability which could allow a malicious actor with access to...
🗓 Added to KEV: Jun 23, 2026
CVE-2026-34909CVSS 10.0
Ubiquiti UniFi OS contains a path traversal vulnerability which could allow a malicious actor with access to the...
🗓 Added to KEV: Jun 23, 2026
CVE-2026-34908CVSS 10.0
Ubiquiti UniFi OS contains an improper access control vulnerability which could allow a malicious actor with access to...
🗓 Added to KEV: Jun 23, 2026
CVE-2026-20230CVSS 8.6
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified...
Admin intel🗓 Updated: Jun 22, 2026
CVE-2026-20253CVSS 9.8
Splunk Enterprise contains a missing authentication for critical function vulnerability which could allow an unauthenticated user to create...
🗓 Added to KEV: Jun 18, 2026