VULNCRITICAL

NVIDIA NeMo Framework: RCE Vulnerability in ML Checkpoints

An unsafe deserialization flaw in NVIDIA NeMo Framework checkpoints enables remote code execution. User interaction is required, but t…

Jul 16, 2026views - 1.2k

aiZERO-DAY

Ollama Zero-Day DoS: downloadBlob Bug Puts Local AI Servers at Risk

ZDI has disclosed a zero-day vulnerability in Ollama enabling unauthenticated remote denial-of-service attacks via the downloadBlob fu…

Jul 08, 2026views - 1.5k

CYBERSECCVE

CISA Orders 3-Day Patch for CVE-2026-55255 in Langflow

An IDOR in Langflow's /api/v1/responses endpoint lets authenticated attackers steal LLM and cloud credentials from other users' flows.…

Jul 08, 2026views - 1.5k

CYBERSECEXPLOIT

Gartner: By 2028, 60% of Enterprises Will Drop Annual Pentesting for Continuous Validation

Gartner formalizes the COST framework for continuous vulnerability validation. Exploit time has compressed to under 10 hours, and 53%…

Jul 08, 2026views - 1.2k

CYBERSECCRITICAL

Langflow RCE Exploited for Miner Worm: 19-Day Campaign

CVE-2026-33017: Commodity operators exploit exposed AI endpoints to deploy Lambsys, an SSH worm that compromises entire enterprise inf…

Jun 30, 2026views - 1.4k

CYBERSEC

Linux Foundation Launches Akrites: A Shared SIRT for Open Source Software

Akrites brings 19 tech giants under one shared SIRT for open source vulnerabilities. A 5% patch rate and Dolan's admission: the road a…

Jun 26, 2026views - 1.2k

ransomware

Ransomware: Europe Overtakes US as Top Target With 55% Surge in Attacks

Black Kite's first Europe-focused report reveals 684 ransomware attacks in the first four months of 2026, a 55.1% year-over-year incre…

Jun 25, 2026views - 1.3k

cybersec

Microsoft Attributes Mastra Supply-Chain Attack to North Korean Sapphire Sleet

Microsoft assesses with high confidence that the supply-chain compromise of more than 140 @mastra npm packages was carried out by the…

Jun 20, 2026views - 1.4k

CYBERSEC

Agentic AI Replaces Assistive AI in Threat Management

Agentic AI is turning Gartner's CTEM framework from a strategic document into a continuous operational cycle. The shift, documented Ju…

Jun 19, 2026views - 1.3k

CYBERSEC

Log Discard: 86% of Security Logs End Up in the Trash

A Dynatrace survey of 450 senior IT leaders at large enterprises reveals that half of organizations discard or fail to collect an aver…

Jun 19, 2026views - 1.2k

VULNCRITICAL

Vertex AI SDK: Cross-Tenant Bucket Squatting Enabled RCE

Google Cloud Vertex AI SDK versions 1.139.0 through 1.140.0 were vulnerable to cross-tenant bucket squatting leading to remote code ex…

Jun 16, 2026views - 907

VULNCVE

Langflow CVE-2026-5027: RCE Under Active Exploitation with 7,000 Instances Exposed

A critical path traversal vulnerability in Langflow is being exploited in the wild. CVE-2026-5027 (CVSS 8.8) enables unauthenticated r…

Jun 13, 2026views - 942