The number of vulnerabilities to be disclosed in 2026 is almost certain to exceed last year’s total, and may be heading towards 100,000, according to new analysis. – Read more
Latest article
Microsoft Exchange, Windows 11, and Cursor Zero-Days Exploited on Pwn2Own Day 2
Pwn2Own Berlin 2026 is rapidly escalating into one of the most intense offensive security contests in recent years, with Day Two delivering a fresh...
CVE-2026-42945: Imperva Customers Protected Against Critical NGINX Rewrite Module Vulnerability
TL;DR: Researchers recently disclosed CVE-2026-42945, a critical heap-based buffer overflow vulnerability affecting both NGINX Open Source and NGINX Plus. The flaw exists within the...
Expired domain leads to supply chain attack on node-ipc npm package
A popular npm package called node-ipc has been compromised, with hackers publishing malicious versions that bundle credential stealing malware. The...
Metasploit Wrap-Up 05/15/2026
Weaponizing a text editor for fun and profitGather round, dear readers, because today, we (by we, we mean @h00die) dropped the ultimate persistence mechanism:...
