Latest IntelligenceVulnerabilitiesPage 11
Search by keyword →
CloudZ RAT Abuses Microsoft Phone Link to Steal SMS OTPs and Mobile Notifications
A newly discovered threat is turning a built-in Microsoft feature into a powerful spying tool. Security researchers have found a remote access tool called Cloud...
New Cisco DoS flaw requires manual reboot to revive devices
Cisco patched a Crosswork Network Controller and Network Services Orchestrator denial-of-service vulnerability that requires manually rebooting targeted systems...
Argo CD’s ServerSideDiff Vulnerability Enables Kubernetes Secret Extraction
A critical cybersecurity vulnerability has been uncovered in Argo CD, a widely used declarative GitOps continuous delivery tool for Kubernetes environments. Tra...
Taiwan High Speed Rail Hacked Using Radio Signal Spoofing Attack That Halted Three Trains
On the final night of the Qingming Festival holiday, three Taiwan High Speed Rail trains were forced into emergency stops due to a sophisticated radio signal sp...
New MajorDoMo RCE Vulnerability Exposes Servers to Code Execution Attacks
A newly disclosed flaw exposes internet-facing MajorDoMo servers to unauthenticated remote code execution via a broken authentication flow and unsafe dynamic PH...
New Fanwei E-cology10 Server Vulnerability Could Let Attackers Hijack Sessions and Steal Credentials
A critical security flaw has been discovered in Fanwei E-cology10, a widely used enterprise collaboration platform built for medium and large organizations. The...
Salesforce Marketing Cloud Vulnerability Opened Door to Email Data Exposure
A significant set of security vulnerabilities in Salesforce Marketing Cloud (SFMC) could have allowed attackers to read and expose private email data belonging ...
GrapheneOS fixes Android VPN leak Google refused to patch
GrapheneOS has released a new update that fixes a recently disclosed Android VPN bypass vulnerability capable of leaking a user’s real IP address. The leak happ...
.webp)
Malicious OpenClaw DeepSeek Skill Exploits Agentic AI Workflows to Deliver RAT and Stealer
A cleverly disguised malware campaign is targeting developers and AI-driven systems by hiding inside what looks like a legitimate plugin for an open-source AI f...
Zero-Auth Flaw Exposes DoD Contractor to Cross-Tenant Data Access
A severe zero-authorization vulnerability in Schemata’s API, an AI-powered virtual training platform holding active Department of Defense (DoD) contracts,...
WhatsApp warns of Instagram Reels bug that could load risky content
Meta has released security updates for WhatsApp addressing two vulnerabilities that could have exposed users to malicious files or attacker-controlled content o...
Palo Alto Networks warns of firewall RCE zero-day exploited in attacks
Palo Alto Networks warned customers today that a critical-severity unpatched vulnerability in the PAN-OS User-ID Authentication Portal is being exploited in att...
Oracle Debuts Monthly Critical Security Patch Updates
Containing fixes for critical-severity vulnerabilities, the monthly rollouts will focus on addressing priority issues faster. The post Oracle Debuts Monthly Cri...
Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls
CVE-2026-0300 affects the Captive Portal service of PAN-OS software on PA and VM series firewalls. The post Palo Alto Networks to Patch Zero-Day Exploited to Ha...
Critical Palo Alto Firewalls Vulnerability Exploited in the Wild to Gain Root Access
Palo Alto Networks has disclosed a critical buffer overflow vulnerability in PAN-OS software, tracked as CVE-2026-0300, that is already being actively exploited...
Trellix Source Code Breach Highlights Growing Supply Chain Threats
Info is scant, but such breaches can reveal where a security product's controls are located and how detections are designed, giving attackers a leg up....
Research Hub Bridges Cybersecurity Gap for Under-Resourced Organizations
The UC Berkeley Center for Long-Term Cybersecurity (CLTC) offers tools and support to schools, local governments, and non-profits as they defend themselves agai...
GnuTLS 3.8.13 Released with Fix for 12 Vulnerabilities Affecting Network Communications
GnuTLS version 3.8.13 has been officially released to patch a dozen security vulnerabilities, including critical flaws affecting secure network communications. ...
Critical Weaver E-cology RCE Vulnerability Actively Exploited in Attacks
A critical unauthenticated remote code execution vulnerability in the Weaver E-cology platform is currently being actively exploited in the wild. CVE-2026-22679...
Critical Qualcomm Chipset Vulnerabilities Enables Remote Code Execution
Qualcomm Technologies has released a critical security bulletin addressing multiple severe vulnerabilities in its proprietary and open-source software. These se...