SecPod Labs
Security Research
In-depth CVE write-ups, vulnerability analysis, and security intelligence from the SecPod Research team.

CVE Research
Cisco Unified CM and Webex Security Alert: Active Zero-Day CVE-2026-20045 Fixed
Cisco has recently issued security updates to fix a critical vulnerability impacting several Unified Communications Manager (CM) products and Webex Calling Dedicated Instance. Tracked as CVE-2026-20045, the flaw has been actively exploited as a zero-day in real-world attacks, creating a serious risk...

CVE Research
Unmasking UAT-8837: The Zero-Day Exploit That Could Ruin Your Year
A sophisticated China-linked threat actor, identified as UAT-8837, has been observed exploiting a critical zero-day vulnerability in the Sitecore platform. Tracked as CVE-2025-53690, this insecure deserialization flaw allows attackers to bypass authentication and achieve remote code execution (RCE). The prima...

CVE Research
Three Zero-Days, 114 Flaws Fixed: Microsoft Kicks Off 2026 with a Major Patch Tuesday
This month’s Patch Tuesday marks a significant start to the year, with Microsoft delivering a heavy volume of updates to address 114 vulnerabilities. This includes 3 zero-day flaws, one of which is actively exploited.

CVE Research
Silent Scan, Stolen Secrets: Kimsuky’s QR-Code Phishing Campaign
A sustained quishing (QR-code phishing) campaign conducted by the North Korea–linked APT group Kimsuky (aka Larva-24005) has been actively targeting government, defense, and critical infrastructure organizations. According to a recent FBI warning, Kimsuky operators embed malicious QR codes in emails...

CVE Research
Severe Veeam Backup Vulnerability Could Lead to Code Execution
Veeam, a prominent provider of data protection and disaster recovery solutions, has recently addressed multiple security vulnerabilities in its Backup & Replication software. These flaws could potentially allow attackers to perform remote code execution (RCE) and gain unauthorized access to systems....

CVE Research
Public PoC Released for Cisco ISE Information Disclosure Flaw
Cisco has recently addressed a medium-severity security vulnerability in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC). The vulnerability, identified as CVE-2026-20029, has a public proof-of-concept (PoC) exploit available, prompting a swift response from the networ...

CVE Research
Deploying VSOCKpuppet: Unmasking how Chinese Threat Actors Exploited ESXi Zero-Days Before Disclosure
Network virtualization infrastructure continues to be a high-value target for well-resourced threat actors. Recent analysis has revealed a sophisticated intrusion campaign in which Chinese-speaking attackers leveraged undeclared zero-day vulnerabilities in VMware ESXi hypervisor environments, possib...

CVE Research
Active Exploitation Alert: Critical RCE Vulnerability in HPE OneView
The cybersecurity landscape is ever-evolving, and recent reports indicate that a previously patched vulnerability in HPE OneView is now being actively exploited in the wild. This Remote Code Execution (RCE) vulnerability, identified as CVE-2025-37164, poses a significant risk to organizations utiliz...

CVE Research
Mass Exploitation Campaign Targeting Adobe ColdFusion Servers Detected During Christmas Holiday
A coordinated exploitation campaign targeted Adobe ColdFusion servers across the globe during the Christmas 2025 holiday period, generating 5,940 malicious requests that probed 10+ ColdFusion CVEs disclosed between 2023 and 2024. Telemetry indicates 68% of the activity occurred on December 25, sugge...
