Metasploit Wrap-Up 01/30/2026
FreeBPX Content GaloreThis week brings 3 new pieces of module content for targeting FreePBX. All three chain multiple vulnerabilities together, starting with CVE-2025-66039. This...
Explore scaling options for AWS Directory Service for Microsoft Active Directory
You can use AWS Directory Service for Microsoft Active Directory as your primary Active Directory Forest for hosting your users’ identities. Your...
SoundCloud Data Breach Exposes Nearly 30M User Accounts
A SoundCloud breach affecting 29.8 million accounts exposed email addresses and profile data, increasing phishing risks.
The post SoundCloud Data Breach Exposes Nearly 30M User...
Critical Ivanti Endpoint Manager Mobile (EPMM) zero-day exploited in the wild (CVE-2026-1281 & CVE-2026-1340)
OverviewOn January 29, 2026, Ivanti disclosed two new critical vulnerabilities affecting Endpoint Manager Mobile (EPMM): CVE-2026-1281 and CVE-2026-1340. The vendor has indicated that exploitation...
Labyrinth Chollima Evolves into Three North Korean Hacking Groups
CrowdStrike assessed that two new threat actor groups have spun off from North Korean Labyrinth Chollima hackers - Read more
New AI-Developed Malware Campaign Targets Iranian Protests
The RedKitten campaign distributes lures designed to target people seeking information about missing persons or political dissidents in Iran - Read more
OpenSSL CVE-2025-15467
CVSSv3 Score: 9.8
CVE-2025-15467Parsing CMS AuthEnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. A stack buffer...
Versa Concerto SD-WAN Authentication Bypass
What is the Vulnerability? A critical security vulnerability (CVE-2025-34026) has...
Chromium: CVE-2026-1504 Inappropriate implementation in Background Fetch API
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see (https://chromereleases.googleblog.com/2024 ) for more information. -...
Latest article
Patch Tuesday – March 2026
Microsoft is publishing 77 vulnerabilities this March 2026 Patch Tuesday. Microsoft is aware of public disclosure of two of today’s vulnerabilities, but without evidence...
AWS European Sovereign Cloud achieves first compliance milestone: SOC 2 and C5 reports plus...
In January 2026, we announced the general availability of the AWS European Sovereign Cloud, a new, independent cloud for Europe entirely located...
Google’s $32B Wiz Acquisition Set to Become Israel’s Largest Tech Deal Ever
Google’s $32 billion Wiz acquisition is nearing completion, marking a record Israeli tech exit and a major bet on cloud security.
The post Google’s $32B...
OpenAI’s Promptfoo Deal Plugs Agentic AI Testing Gap
OpenAI’s latest acquisition addresses a security need Jamieson O’Reilly, security advisor at OpenClaw, raised during an exclusive interview with Infosecurity - Read more
