ALL POSTS

Key Findings CISA added CVE-2026-3502, a flaw in TrueConf Client, to its Known Exploited Vulnerabilities catalog on April 2, 2026 The vulnerability has a CVSS score of 7.8 and allows attackers to download and install malicious updates without integrity verification Threat actors are actively exploiting this flaw by compromising TrueConf servers and replacing legitimate update files with malicious payloads Check Point researchers attributed a wave of attacks called Operation T

Key Findings Check Point discovered a critical vulnerability in ChatGPT that allowed attackers to exfiltrate user data, uploaded files, and conversation history without detection or consent The flaw exploited a hidden DNS-based communication channel in the Linux runtime environment, bypassing all visible AI guardrails OpenAI patched the ChatGPT vulnerability on February 20, 2026, with no evidence of malicious exploitation BeyondTrust Phantom Labs identified a command injectio