Multiple Critical SolarWinds Web Help Desk Vulnerabilities: CVE-2025-40551, CVE-2025-40552, CVE-2025-40553, CVE-2025-40554
OverviewOn January 28, 2026, SolarWinds published an advisory for multiple new vulnerabilities affecting their Web Help Desk product. Web Help Desk is an IT...
SmarterTools SmarterMail RCE
What is the Vulnerability? An actively targeted vulnerability has been identified...
Trusted, Signed, Still Malicious. Exploiting Custom Email Text to Bypass Security Controls
By: Kahng An, Intelligence TeamA recent series of phone scam emails has been able to bypass traditional email security measures by placing malicious messages...
Phishing at Cloud Scale: How AWS is Abused for Credential Theft
Threat actors are abusing web services from Amazon like Simple Storage Service (S3) buckets, Amazon Simple Email Service (SES), and Amazon Web Service (AWS)...
How Elastic Support uses AI to deliver faster, expert-verified solutions
We use AI and RAG to accelerate answers — not replace experts. Every response is reviewed, validated, and refined by engineers to ensure accurate,...
[R1] Tenable Network Monitor Version 6.5.3 Fixes Multiple Vulnerabilities
Tenable Network Monitor Version 6.5.3 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 01/27/2026 - 14:02
Nessus Network Monitor leverages third-party software to help provide...
File integrity monitoring with AWS Systems Manager and Amazon Security Lake
Customers need solutions to track inventory data such as files and software across Amazon Elastic Compute Cloud (Amazon EC2) instances, detect unauthorized...
Wave of ShinyHunters vishing attacks spreading fast
The ShinyHunters hacking collective that caused chaos in 2025 is ramping up a new voice phishing campaign, with several potential victims already identified ...
Johnson Controls Products
View CSAF
Summary
Successful exploitation of this vulnerability could result in remote SQL execution, leading to alteration or loss of data.
The following versions of Johnson Controls...
Latest article
CyberSentinel AI with 33 Security Tools, Including Nmap, SQLMap, ZAP, and uses Claude, GPT
A new open-source cybersecurity platform called CyberSentinel AI v3.0 has emerged as a significant development in autonomous security tooling, combining 33 real-world penetration testing...
CVE-2025-5791 Users: `root` appended to group listings
Information published. - Read more
JCPenney – 368,418 breached accounts
In June 2026, retailer JCPenney and associated brands were targeted in a ShinyHunters "pay or leak" extortion campaign. Data allegedly obtained from JCPenney through...
Threat actor adds advanced ‘EDR killer’ tools to ransomware-as-a-service platform
One of the world’s top ransomware groups has given its criminal affiliates access to advanced tools capable of successfully disabling...
