Archive
All articles, newest first. Page 15.

CERT-AGID: Italian Cyberattacks Surge 13% as PagoPA and INPS Face Targeted Campaigns
CERT-AGID identified 131 malicious campaigns in Italy between May 9 and 15, 2026. The activity involved 1,382 indicators of compromise…

Ollama Flaws Expose Local LLM Memory and Enable Windows Malware Persistence
Three critical CVEs in Ollama allow unauthenticated remote attackers to leak LLM process memory via crafted GGUF files and achieve per…

CVE-2026-42945: Active Exploitation of NGINX Servers Underway
CVE-2026-42945 is being actively exploited in the wild, targeting NGINX rewrite modules to trigger immediate DoS or conditional RCE. C…

ShinyHunters: A Serial Extortion Campaign Targets Enterprise SaaS (May 2026)
Between May 7 and May 18, 2026, ShinyHunters targeted Canvas, 7-Eleven, and Grafana in a high-profile data extortion spree. While Inst…

Grafana Refuses Ransom Following GitHub Token Theft and Codebase Breach
Grafana Labs has confirmed that a stolen GitHub access token allowed attackers to exfiltrate its source code. Despite extortion attemp…

NGINX Rift: Critical CVE-2026-42945 Exploitation Detected In-the-Wild
The NGINX Rift vulnerability (CVE-2026-42945) has seen active exploitation since May 16, leveraging a long-dormant heap buffer overflo…

Safari Regex Engine Vulnerability Allows Remote Code Execution via Duplicate Named Groups
Apple has patched a high-severity (CVSS 8.8) remote code execution vulnerability in Safari. The flaw involves a heap-based buffer over…

DirtyDecrypt: Linux Local Privilege Escalation Exploit Surfaces for Unpatched Systems
A proof-of-concept for 'DirtyDecrypt'—a local privilege escalation flaw in the Linux kernel's RXGK module—is now public. Organizations…

GitHub Enterprise RCE: Critical Vulnerability (CVE-2026-3854) Demands Immediate Updates
A flaw in GitHub’s push options handling allows for Remote Code Execution on Enterprise Server instances. With technical details now p…

Cisco Talos Unveils AI-Driven Honeypot PoC to Deceive Malicious Agents
Cisco Talos researchers have demonstrated a proof-of-concept for adaptive honeypots powered by generative LLMs, designed to exploit th…

PAN-OS Captive Portal Zero-Day: CVE-2026-0300 Exploited in Root-Level RCE Attacks
A deep dive into the critical CVE-2026-0300 vulnerability within Palo Alto Networks PAN-OS, detailing active in-the-wild exploitation…

Grafana Labs Hit by GitHub Breach: Source Code Stolen, Ransom Demands Rejected
Grafana Labs has confirmed a breach of its GitHub environment via a 'Pwn Request' vulnerability. While attackers exfiltrated proprieta…

Unpatched BlueHammer Zero-Day Enables Rapid Windows Privilege Escalation
A functional exploit dubbed 'BlueHammer' leverages logic flaws in Microsoft Defender and Volume Shadow Copy to grant SYSTEM privileges…

Ivanti Endpoint Manager Under Scrutiny Following CVE-2026-8109 Authentication Bypass Reports
An analysis of the CVE-2026-8109 vulnerability in Ivanti Endpoint Manager reveals a risk of authentication bypass within the RemoteCon…

Ivanti Releases May 2026 Security Updates: Seven CVEs and a Critical SQLi-to-RCE Vulnerability
On May 13, 2026, Ivanti patched seven security flaws across four enterprise products, including a critical SQL injection-to-RCE in its…

Palo Alto Networks Zero-Day: PAN-OS Vulnerability Grants Attackers Root Perimeter Control
CVE-2026-0300 enables unauthenticated root RCE on PAN-OS firewalls. With CISA mandating mitigation within three days, we analyze the e…

Ivanti EPMM Zero-Day Under Active Exploitation: CISA Adds CVE-2026-6973 to KEV Catalog
A newly disclosed zero-day in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-6973, is being actively exploited in the wild…

Ivanti EPMM RCE Under Active Exploitation as Federal Patch Deadline Lapses
CVE-2026-6973, a critical RCE vulnerability in Ivanti EPMM on-premise, is currently being exploited in the wild. The CISA remediation…

Apple Safari WebCore Vulnerability: ZDI-26-312 Enables Remote Code Execution
A use-after-free vulnerability in Safari’s WebCore style resolver allows for remote code execution through user interaction, affecting…

May 2026 Patch Tuesday: 137 Vulnerabilities Addressed, No Zero-Days Found Despite Critical DNS RCE
Microsoft has patched 137 vulnerabilities in its May 2026 security update. While no active exploits have been detected, critical unaut…

Ivanti Confirms Post-Auth RCE in EPMM Under Active Exploitation
Ivanti has warned of targeted attacks exploiting CVE-2026-6973, a post-authentication RCE flaw in on-premise EPMM. The vulnerability,…

Ivanti EPMM Zero-Day: Admin-Authenticated RCE Triggers Urgent CISA Patch Mandate
Ivanti has disclosed CVE-2026-6973, a critical zero-day in Endpoint Manager Mobile (EPMM) allowing RCE with administrative privileges.…

Ivanti Patches Critical RCE Flaws While Addressing Active EPMM Zero-Day
Ivanti has released its May security updates for EPM and confirmed an active zero-day in EPMM; with at least 22 vulnerabilities exploi…

Ransomware 2026: From EDR-Killers to Post-Quantum Cryptography
In 2026, ransomware has reached industrial scale, leveraging BYOVD EDR-killers, ML-KEM post-quantum encryption, and a strategic pivot…