CISA Adds Five Known Exploited Vulnerabilities to Catalog
CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
CVE-2018-14634 Linux Kernel Integer Overflow Vulnerability
CVE-2025-52691...
Spanish court acquits suspects denied access to ‘raw’ Sky ECC intercepts in landmark decision
Prosecutors have been told they cannot rely on intercept evidence from the Sky ECC encrypted phone network in the absence of other evidence, unless...
CVE-2026-21509 Microsoft Office Security Feature Bypass Vulnerability
Corrected CVSS score. This is an informational change only. - Read more
Introducing IDE-SHEPHERD: Your shield against threat actors lurking in your IDE
IDE-SHEPHERD is an open-source IDE security extension that provides real-time monitoring and protection for VS Code and Cursor. It intercepts malicious process executions, monitors...
CISA Warns of Critical VMware vCenter RCE Vulnerability Now Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Broadcom’s VMware vCenter Server to its Known Exploited Vulnerabilities (KEV) catalog....
Updated PCI PIN compliance package for AWS Payment Cryptography now available
Amazon Web Services (AWS) is pleased to announce the successful completion of Payment Card Industry Personal Identification Number (PCI PIN) audit for...
Fortinet confirms new zero-day attacks against customer devices
Fortinet has confirmed that a new attack campaign observed recently against customer devices is exploiting an unpatched issue to bypass...
AWS achieves 2025 C5 Type 2 attestation report with 183 services in scope
Amazon Web Services (AWS) is pleased to announce a successful completion of the 2025 Cloud Computing Compliance Criteria Catalogue (C5) attestation cycle...
Data Leak Exposes 149M Logins, Including Gmail, Facebook
A massive unsecured database exposed 149 million logins, raising concerns over infostealer malware and credential theft.
The post Data Leak Exposes 149M Logins, Including Gmail,...
Metasploit Wrap-Up 01/23/2026
Oracle E-Business Suite Unauth RCEThis week, we are pleased to announce the addition of a module that exploits CVE-2025-61882, a pre-authentication remote code execution...
Latest article
GreatXML zero-day BitLocker bypass doesn’t seem to work, yet
A disgruntled researcher who has been publishing zero-day Microsoft Windows vulnerabilities for the past several months released a new exploit...
New Windows Zero-Day Claims BitLocker Bypass Amid Microsoft Disclosure Fight
A new Windows zero-day reportedly bypasses BitLocker, adding pressure on Microsoft as researchers debate the exploit’s real-world impact.
The post New Windows Zero-Day Claims BitLocker...
Fancy Bear Hackers Abuse EdgeRouters and Cloud Services to Launch Stealthy Cyberattacks
One of the most persistent hacking groups in the world has found a new way to stay hidden. The threat actor known as...
Ransomware Payment Crypto Laundering Platform Taken Out by FBI and Europol
Domain of dark web money laundering platform AudiA6 seized and suspects arrested in joint operation by the FBI, Europol and others - Read...
