Ivanti patches two actively exploited critical vulnerabilities in EPMM
IT software company Ivanti released patches for its Endpoint Manager Mobile (EPMM) product to fix two new remote code execution...
Metasploit Wrap-Up 01/30/2026
FreeBPX Content GaloreThis week brings 3 new pieces of module content for targeting FreePBX. All three chain multiple vulnerabilities together, starting with CVE-2025-66039. This...
Explore scaling options for AWS Directory Service for Microsoft Active Directory
You can use AWS Directory Service for Microsoft Active Directory as your primary Active Directory Forest for hosting your users’ identities. Your...
SoundCloud Data Breach Exposes Nearly 30M User Accounts
A SoundCloud breach affecting 29.8 million accounts exposed email addresses and profile data, increasing phishing risks.
The post SoundCloud Data Breach Exposes Nearly 30M User...
Critical Ivanti Endpoint Manager Mobile (EPMM) zero-day exploited in the wild (CVE-2026-1281 & CVE-2026-1340)
OverviewOn January 29, 2026, Ivanti disclosed two new critical vulnerabilities affecting Endpoint Manager Mobile (EPMM): CVE-2026-1281 and CVE-2026-1340. The vendor has indicated that exploitation...
Labyrinth Chollima Evolves into Three North Korean Hacking Groups
CrowdStrike assessed that two new threat actor groups have spun off from North Korean Labyrinth Chollima hackers - Read more
New AI-Developed Malware Campaign Targets Iranian Protests
The RedKitten campaign distributes lures designed to target people seeking information about missing persons or political dissidents in Iran - Read more
OpenSSL CVE-2025-15467
CVSSv3 Score: 9.8
CVE-2025-15467Parsing CMS AuthEnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. A stack buffer...
Versa Concerto SD-WAN Authentication Bypass
What is the Vulnerability? A critical security vulnerability (CVE-2025-34026) has...
Latest article
GreatXML zero-day BitLocker bypass doesn’t seem to work, yet
A disgruntled researcher who has been publishing zero-day Microsoft Windows vulnerabilities for the past several months released a new exploit...
New Windows Zero-Day Claims BitLocker Bypass Amid Microsoft Disclosure Fight
A new Windows zero-day reportedly bypasses BitLocker, adding pressure on Microsoft as researchers debate the exploit’s real-world impact.
The post New Windows Zero-Day Claims BitLocker...
Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks
One of the most persistent hacking groups in the world has found a new way to stay hidden. The threat actor known as...
Ransomware Payment Crypto Laundering Platform Taken Out by FBI and Europol
Domain of dark web money laundering platform AudiA6 seized and suspects arrested in joint operation by the FBI, Europol and others - Read...
