vulnerability
CISA Warns of Actively Exploited LiteSpeed cPanel Plugin Flaw
What happened CISA added a high-severity LiteSpeed cPanel user-end plugin vulnerability, tracked as CVE-2026-48172, to its Known Exploited Vulnerabilities catalog on Monday and ordered Federal Civilian Executive Branch agencies to secure their ...
Oracle Issues Emergency Guidance as PeopleSoft Flaw Linked to Widespread Data Theft
A critical security vulnerability in Oracle’s PeopleSoft software has been linked to a large cyber campaign that may have affected more than 100 organizations, prompting urgent warnings from Oracle and cybersecurity investigators ...
ServiceNow Fixes Flaw That Could Lead to Unauthorized Access to Instances
ServiceNow this month fixed a flaw in its cloud platform that could have given attackers unauthorized access to user instances, but said that the "anomalous activity" related to the vulnerability likely was ...
Critical HVAC and UPS Vulnerabilities Could Disrupt Data Centers
What happened Claroty researchers uncovered multiple vulnerabilities in two widely deployed HVAC and UPS products used in data centers, showing how attackers could exploit them to launch disruptive remote attacks. The researchers ...
Ivanti Sentry Flaw Allows Code Execution as Root
What happened Ivanti released patches for two critical vulnerabilities in its Sentry secure mobile gateway solution, including a maximum-severity flaw that allows remote attackers to execute code with root privileges. Ivanti Sentry, ...
Linux Kernel Improper Authentication Vulnerability Raises Privilege Escalation Risk Across Systems
What happened A security vulnerability has been identified in the Linux kernel related to improper authentication handling, potentially allowing an authenticated local user to escalate privileges under certain conditions. The issue stems ...
Cybersecurity Must Prepare for AI Driven Hardware Exploitation
 Oh, so you thought Mythos and other AI models would only find vulnerabilities in software? Well, finding weaknesses in firmware and hardware is traditionally much more difficult, requiring specialized skills and in ...
Huawei Zero-Day Attack Behind Luxembourg’s 2025 Nationwide Telecoms Outage
What happened A previously undisclosed zero-day vulnerability in Huawei enterprise router software caused a nationwide telecommunications outage in Luxembourg on July 23, 2025, disrupting mobile, landline, and emergency communications for more than ...
AI Will Exploit What Businesses Refuse to Fix
 About 50 thousand vulnerabilities were discovered last year and many are either not being fixed or the patching is purposely delayed. The next generation of AI-powered tools will abuse this weakness. Emerging ...
Exploitation of Critical NGINX Vulnerability Begins Days After Patch ReleaseExploitation of Critical NGINX Vulnerability Begins Days After Patch Release
What happened Active exploitation of a critical NGINX vulnerability tracked as CVE-2026-42945 and dubbed Nginx Rift has been confirmed by VulnCheck, just days after F5 released patches and PoC code was published ...
