Latest IntelligenceVulnerabilitiesPage 15
Search by keyword →
Qinglong Task Scheduler RCE Vulnerabilities Exploited in the Wild
In early 2026, two critical authentication bypass vulnerabilities in the popular open-source Qinglong task scheduler were actively exploited by hackers. Accordi...
ProFTPD’s SQL Injection Vulnerability Enables Remote Code Execution Attacks
A critical SQL injection vulnerability in ProFTPD, one of the Internet’s most widely deployed FTP servers. Tracked as CVE-2026-42167, this flaw carries a ...
Europol Busts €50 Million Online Fraud Network Running Corporate-Style Scam Call Centres
A major international law enforcement operation has brought down a large-scale online fraud network that stole more than EUR 50 million from victims across Euro...
cPanel 0-Day Authentication Bypass Vulnerability Actively Exploited in the Wild — PoC Released
A critical authentication bypass vulnerability in cPanel & WHM has been confirmed to be actively exploited in the wild, sending shockwaves through the globa...
Cursor AI Extension Access Developer Tokens Leads to Full Credential Compromise
A high-severity access-control vulnerability (CVSS 8.2) in Cursor, a widely used AI-powered coding environment. The flaw uncovered by LayerX has allowed any ins...
Linux Kernel 0-Day “Copy Fail” Roots Every Major Distribution Since 2017
A critical zero-day vulnerability in the Linux kernel has been publicly disclosed, enabling any unprivileged local user to obtain root access on virtually every...
Hackers exploit RCE flaws in Qinglong task scheduler for cryptomining
Hackers are exploiting two authentication bypass vulnerabilities in the Qinglong open-source task scheduling tool to deploy cryptominers on developers' servers....
Reverse Engineering With AI Unearths High-Severity GitHub Bug
Wiz used an AI reverse-engineering tool to pinpoint a vulnerability that previously would have been too costly and time-consuming to undertake....
cPanel, WHM emergency update fixes critical auth bypass bug
A critical vulnerability affecting all but the latest versions of cPanel and the WebHost Manager (WHM) dashboard could be exploited to obtain access to the cont...
Learning from the Vercel breach: Shadow AI & OAuth sprawl
A single third-party OAuth integration can become a direct path into your environment. Push explains how the Vercel breach shows a compromised OAuth app can lea...
Fresh LiteLLM Vulnerability Exploited Shortly After Disclosure
The vulnerability allows attackers to read data from a LiteLLM proxy’s database and potentially modify it. The post Fresh LiteLLM Vulnerability Exploited Shortl...
Cursor AI Coding Agent Vulnerability Allow Attackers to Execute Code on Developer’s Machine
A high-severity vulnerability in Cursor, one of the most widely used AI-powered coding environments today, has put developers at direct risk of remote code exec...
GitHub fixes RCE flaw that gave access to millions of private repos
In early March, GitHub patched a critical remote code execution vulnerability (CVE-2026-3854) that could have allowed attackers to access millions of private re...
SLOTAGENT Malware Uses API Hashing and Encrypted Strings to Hinder Reverse Engineering
A newly identified malware called SLOTAGENT has drawn attention in the cybersecurity community for its strong ability to resist analysis and avoid detection. Th...
CISA Warns Microsoft Windows Shell 0-click Vulnerability Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical zero-day vulnerability in Microsoft Windows. On Ap...
Hugging Face LeRobot Vulnerability Enables Unauthenticated RCE Attacks
A critical, currently unpatched remote code execution (RCE) vulnerability has been disclosed in LeRobot, Hugging Face’s popular open-source machine learni...
CISA orders feds to patch Windows flaw exploited as zero-day
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to secure their Windows systems against a vulnerability exploited ...
38 Vulnerabilities Found in OpenEMR Medical Software
Some of the vulnerabilities discovered by Aisle can be exploited to access and alter sensitive patient information. The post 38 Vulnerabilities Found in OpenEMR...
Critical GitHub Vulnerability Exposed Millions of Repositories
The remote code execution flaw CVE-2026-3854 was found to impact GitHub.com and GitHub Enterprise Server. The post Critical GitHub Vulnerability Exposed Million...
cPanel Warns of Critical Authentication Flaw – Emergency Patch Released
Web hosting control panel giant cPanel has issued an emergency security update to address a critical vulnerability affecting its core software. The security fla...