§Topic · CVE & Vulnerabilities
CVE & Vulnerabilities
Newly disclosed CVEs, actively exploited vulnerabilities, and critical patches you need to apply now.
All dispatches
Loading
§Topic · CVE & Vulnerabilities
Newly disclosed CVEs, actively exploited vulnerabilities, and critical patches you need to apply now.
All dispatchesRussian actor UAT-11795 trojanized WebEx and Zoom installers to deploy Starland RAT, stealing credentials and crypto.
SonicWall discloses CVE-2026-15409 and CVE-2026-15410 in SMA1000 actively exploited in zero-day attacks; customers urged to patch immediately.
Miasma v3 delivered via trojanized AsyncAPI packages creates persistent backdoors on developer machines and build servers.
Jalisco and OmegaLord phishing kits target Microsoft 365, using MFA-evasion techniques to steal credentials and session tokens.
Japan's Nihon Kotsu halts systems after cyberattack impacting dispatch and operations, showing transport-sector operational risks from intrusions.
Joint advisory warns state-sponsored actors are exploiting poorly secured routers across critical infrastructure, risking espionage and disruption.
CISA issues alert urging immediate SharePoint hardening after new exploitations affecting enterprise SharePoint environments were observed.
Anthropic's Claude for Chrome extension has exploitable flaws enabling extensions to read Gmail, Docs, and Calendar data.
Critical ShareFile Storage Zone Controller zero-day forced emergency shutdowns and prompted immediate vendor guidance and patches.
Record Patch Tuesday: Microsoft released fixes for hundreds of vulnerabilities, including multiple zero-days; urgent prioritization required.
Get these articles delivered to your inbox.
Subscribe free