Latest IntelligencePage 56
Search by keyword →
Signal threatens to leave Canada over proposed lawful access bill
Encrypted messaging platform Signal says it would withdraw from the Canadian market rather than comply with provisions in Ottawa’s proposed lawful access legisl...
Microsoft warns of Exchange zero-day flaw exploited in attacks
On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow threat actors to execute arbitrary c...
OpenAI confirms exposure in recent ‘Shai-Hulud’ supply-chain attack
OpenAI says a recent software supply-chain attack tied to the “Mini Shai-Hulud” malware campaign impacted two employee devices and exposed limited internal cred...
Microsoft Details Kazuar Malware’s Modular Architecture and P2P Botnet Operations
A nation-state malware known as Kazuar has resurfaced with a far more dangerous design than anyone expected. What once started as a relatively standard backdoor...
VMware Fusion Vulnerability Let Attackers Escalate Privilege to Root
A high-severity privilege escalation vulnerability has been discovered in VMware Fusion, Broadcom’s popular macOS virtualization software, allowing local ...
Hackers Abuse Scheduled Tasks to Maintain Persistence in FrostyNeighbor Attacks
A state-aligned hacking group known as FrostyNeighbor has resurfaced with a fresh wave of cyberattacks targeting government organizations in Ukraine, using a ca...
79 Chrome Vulnerabilities Patched, Including 14 Critical One’s – Update Now!
Google has rolled out a massive security update for its Chrome browser, sealing a staggering 79 vulnerabilities before threat actors can exploit them. With 14 o...
Critical Microsoft Exchange Server Vulnerability Actively Exploited in Attacks
Microsoft issued an urgent security alert regarding a newly discovered vulnerability in Exchange Server that is currently being exploited in the wild. Tracked a...
Chrome 148 Update Patches Critical Vulnerabilities
The refresh resolves critical-severity use-after-free and other types of bugs in various browser components. The post Chrome 148 Update Patches Critical Vulnera...
Critical Next.js Vulnerability Exposes Cloud Credentials, API keys, and Admin Panels
A high-severity vulnerability in Next.js threatens self-hosted web applications with severe data breaches. Threat actors can now exploit a Server-Side Request F...
Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026
The zero-day, tracked as CVE-2026-20182, has been exploited in targeted attacks by a sophisticated threat actor identified as UAT-8616. The post Cisco Patches A...
On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wil...
CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to ...
Windows 11 and NVIDIA hacked on the first day of Pwn2Own Berlin 2026
Researchers earned more than half a million dollars on the opening day of Pwn2Own Berlin 2026 after successfully demonstrating 24 previously unknown vulnerabili...
OpenAI Confirms Security Breach Via TanStack npm Supply Chain Attack
Two employee devices at OpenAI were compromised in a sweeping software supply chain attack targeting TanStack npm, but the AI company confirmed no user data, pr...
Cisco Catalyst SD-WAN Controller 0-Day Actively Exploited to Gain Admin Access
A maximum-severity zero-day vulnerability in Cisco Catalyst SD-WAN Controller is being actively exploited in the wild, allowing unauthenticated remote attackers...
Taiwan Incident Highlights Cybersecurity Gaps in Rail Systems
A Taiwanese student experimenting with software-defined radio technology shut down three bullet trains for nearly an hour, leading to an anti-terrorism response...
Taiwan Bullet Train Hack Highlights Cybersecurity Gaps in Rail Systems
A Taiwanese student experimenting with software-defined radio technology shut down three bullet trains for nearly an hour, leading to an anti-terrorism response...
TeamPCP hackers advertise Mistral AI code repos for sale
The TeamPCP hacker group is threatening to leak source code from the Mistral AI project unless a buyer is found for the data. [...]...
Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
Hackers are leveraging a critical authentication bypass vulnerability in the WordPress plugin Burst Statistics to obtain admin-level access to websites. [...]...