Vulnerability

Ivanti Discloses Two Critical EPMM Vulnerabilities with Active Exploitation Ivanti has revealed two critical vulnerabilities in its Endpoint Manager Mobile…

Russian APT28 Exploits Microsoft Office Zero-Day Within Days of Patch Release Russia-linked advanced persistent threat (APT) group APT28 (also known…

AI Toy’s Exposed Admin Panel Risked Children’s Personal Data and Conversations Security researchers Joseph Thacker and Joel Margolis…

High-Severity Flaw in Rancher Manager Exposes Admin Credentials via MITM Attacks A newly disclosed vulnerability in Rancher Manager, tracked as…

Critical Authentication Bypass Flaw in ClawDBot Enables Remote Code Execution A high-severity vulnerability (GHSA-g8p2-7wf7-98mq) in ClawDBot, a widely used npm…

ZAP Project Identifies Memory Leak in JavaScript Engine Affecting Active Scans The OWASP ZAP project has uncovered a memory leak…

New PUA Exploits Legitimate IT Tool to Enable Silent Cyberattacks Researchers from Point Wild’s Lat61 Threat Intelligence Team have…

Exposed ATM Router Raises Man-in-the-Middle Attack Risks A recent discovery highlights a critical hardware security oversight in an ATM installation,…

Critical CRLF Injection Vulnerability in Gakido HTTP Client Library (CVE-2026-24489) A critical vulnerability in Gakido, an HTTP client library developed…

NVIDIA Patches Critical GPU Driver Vulnerabilities in High-Severity Update On January 27, 2026, NVIDIA released security updates addressing five high-severity…

Interlock Ransomware Exploited Zero-Day in Cisco Firewall Before Patch Ransomware group Interlock exploited a maximum-severity zero-day vulnerability (CVE-2026-20131) in Cisco…

Critical SmarterMail RCE Vulnerability Under Active Exploitation A severe remote code execution (RCE) vulnerability in SmarterTools’ SmarterMail software is being…