Microsoft Azure Data Explorer Cross-Tenant Data Leak with Custom Dashboard

Tenable Research has identified and responsibly disclosed a critical cross-tenant data exfiltration vulnerability in...

[R1] Nessus Manager Versions 10.10.3 and 10.11.3 Fix One Vulnerability

Arnie Cabral, Tue, 03/03/2026 - 12:08. A path traversal vulnerability exists in Nessus Manager...

Sim Studio AI – Unauthenticated OAuth Token Theft

The `/api/auth/oauth/token` endpoint contains a code path that bypasses all authorization checks when provided with `credentialAccountUserId`...

Sim Studio AI – MongoDB SSRF and Arbitrary Document Deletion

The MongoDB tool endpoints accept arbitrary connection parameters from the caller without authentication or...

Gradio – Mocked OAuth Login Exposes Server Credentials and Uses Hardcoded Session Secret

Gradio applications running outside of Hugging Face Spaces automatically enable "mocked"...

Google Cloud Platform (GCP) Vertex AI Workbench Cross-Tenant Full Account Takeover with Managed End User Credentials

Tenable Research has identified and responsibly disclosed a...

[R1] Security Center Version 6.8.0 Fixes Multiple Vulnerabilities

Arnie Cabral, Wed, 02/18/2026 - 08:32. Security Center leverages third-party software to help provide underlying functionality....

[R2] Security Center Version 6.8.0 Fixes Multiple Vulnerabilities

Arnie Cabral, Wed, 02/18/2026 - 08:32. Security Center leverages third-party software to help provide underlying functionality....

[R2] Stand-alone Security Patches Available for Tenable Security Center versions 6.5.1, 6.6.0 and 6.7.2: SC-202602.1 + SC-202602.2

Arnie Cabral, Tue, 02/17/2026 - 08:32. Security...

Nanobot Unauthenticated WhatsApp Session Hijack via WebSocket Bridge

Tenable Research has identified and responsibly disclosed a vulnerability to Nanobot. The nanobot WhatsApp bridge server (`bridge/src/server.ts`)...

Latest article

Amazon Cognito unlocks advanced capabilities with next-generation infrastructure

Amazon Cognito recently introduced high-throughput performance for demanding workloads, customer-managed keys for full control over data encryption at rest, and multi-Region replication for...

Gartner SRM 2026 Signals a Cybersecurity Shift From Prevention to Resilience

Gartner SRM 2026 put resilience, identity, and AI agent governance at the center of cybersecurity strategy as prevention loses ground.

Everest Forms Pro Vulnerability Allows Remote Code Execution on WordPress Sites

Critical Everest Forms Pro RCE flaw exploited to create rogue WordPress admin accounts

CVE-2026-48567 Azure HorizonDB Elevation of Privilege Vulnerability

Authentication bypass by spoofing in Azure HorizonDB allows an unauthorized attacker to elevate privileges over a network.