Researchers have attributed an active exploitation campaign against a critical cPanel authentication bypass vulnerability, tracked as CVE-2026-41940, to a long-running…
The Apache Software Foundation has issued a security update to fix a critical flaw in the HTTP/2 module of Apache…
Researchers have uncovered an active IoT botnet campaign exploiting two known command-injection vulnerabilities to recruit surveillance cameras and home routers…
Executive Summary Operation GhostMail is a high-stakes cyber-espionage campaign attributed to the Russian threat actor APT28 (Fancy Bear). By exploiting a critical stored…
Executive Summary A critical zero-day vulnerability in Cisco Catalyst SD-WAN Manager, tracked as CVE-2026-20127, has been actively exploited by the…
Executive Summary In a significant security incident, SmarterTools, the developer of the popular SmarterMail collaboration platform, fell victim to a ransomware attack orchestrated…
Fortinet has addressed a critical authentication bypass vulnerability, CVE-2026-24858, affecting FortiOS, FortiManager, FortiAnalyzer, FortiWeb and FortiProxy. The vulnerability, with a…
Executive Summary A sophisticated China-linked threat actor, identified as UAT-8837, has been observed exploiting a critical zero-day vulnerability in the Sitecore…
This month’s Patch Tuesday marks a significant start to the year, with Microsoft delivering a heavy volume of updates to…
Network virtualization infrastructure continues to be a high-value target for well-resourced threat actors. Recent analysis has revealed a sophisticated intrusion…