ALL POSTS

Key Findings The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a vulnerability in BeyondTrust Remote Support (RS) and older Privileged Remote Access (PRA) products to its Known Exploited Vulnerabilities (KEV) catalog. The flaw, tracked as CVE-2026-1731, has a CVSS score of 9.9 and could allow an unauthenticated attacker to execute remote commands without logging in. BeyondTrust released security updates on February 6, 2026, to address the critical vulnera

Key Findings Apple has fixed an actively exploited zero-day vulnerability in its ecosystem, including iOS, macOS, and other devices. The vulnerability, tracked as CVE-2026-20700, is a memory corruption flaw in Apple's Dynamic Link Editor (dyld) that allows attackers to execute arbitrary code. The flaw was discovered and reported by Google's Threat Analysis Group, suggesting it may have been used in sophisticated, targeted attacks by nation-state actors or commercial spyware v

Key Findings Microsoft released security updates to address 59 vulnerabilities, including 6 that are actively being exploited in the wild. Of the 59 flaws, 5 are rated Critical, 52 are rated Important, and 2 are rated Moderate in severity. 25 of the patched vulnerabilities are privilege escalation, followed by remote code execution (12), spoofing (7), information disclosure (6), security feature bypass (5), denial-of-service (3), and cross-site scripting (1). The 6 actively e

Key Findings Microsoft released security updates to address 58 new vulnerabilities across Windows, Office, Azure, Edge, Exchange, Hyper-V, and other components. The update includes fixes for 6 zero-day vulnerabilities that are being actively exploited in the wild. 5 of the vulnerabilities were rated as "Critical" by Microsoft. Several vulnerabilities affect high-profile targets like GitHub Copilot, IDEs, and Azure cloud services. Background This month's Patch Tuesday from Mic

Key Findings Anthropic's latest AI model, Claude Opus 4.6, has found over 500 previously unknown high-severity security flaws in major open-source libraries like Ghostscript, OpenSC, and CGIF. The model was able to identify vulnerabilities by parsing commit histories, spotting dangerous functions, and understanding complex algorithmic concepts. Anthropic says Opus 4.6 can "read and reason about code the way a human researcher would", enabling it to find vulnerabilities that t

Key Findings Symantec and VMware Carbon Black researchers have uncovered a new ransomware strain called Osiris, used in a November 2025 attack against a major Southeast Asian food service franchise operator. Osiris leverages the POORTRY driver in a bring-your-own-vulnerable-driver (BYOVD) attack to disable security software on targeted systems. The new ransomware has full-featured capabilities, including the ability to stop services and processes, select files and folders to

Key Findings HPE Networking has released critical software patches for vulnerabilities in its Instant On series of access points and routers. The flaws include a high-severity Denial-of-Service (DoS) vulnerability (CVE-2025-37166) that can crash devices, and an information exposure issue (CVE-2025-37165) that could leak network configuration details. The update also addresses legacy kernel-level vulnerabilities (CVE-2023-52340, CVE-2022-48839) that could lead to DoS and memor

Key Findings Microsoft released its first security update for 2026, addressing 114 security flaws 8 vulnerabilities were rated Critical, and 106 were rated Important in severity The update includes 58 privilege escalation, 22 information disclosure, 21 remote code execution, and 5 spoofing flaws The update marks the third-largest January Patch Tuesday after January 2025 and January 2022 2 previously disclosed zero-day vulnerabilities were also addressed Background Microsoft r

Key Findings: CISA has added two security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: CVE-2009-0556: A code injection flaw in Microsoft Office PowerPoint that allows remote code execution CVE-2025-37164: A code injection vulnerability in HPE OneView that allows remote unauthenticated code execution Background CVE-2009-0556 is a memory corruption vulnerability in legacy Microsoft PowerPoint that was exploited in the wild in April 2009. It affects Powe

Key Findings Threat actors have begun exploiting two newly disclosed security flaws in Fortinet FortiGate devices, less than a week after public disclosure. The attacks exploit two critical authentication bypasses (CVE-2025-59718 and CVE-2025-59719, CVSS scores: 9.8). The vulnerabilities allow unauthenticated bypass of SSO login authentication via crafted SAML messages if the FortiCloud SSO feature is enabled. Fortinet has released patches for the flaws in FortiOS, FortiWeb,

Key Findings NVIDIA has issued critical security updates for its Merlin framework, addressing high-severity vulnerabilities (CVSS 8.8) in two key components: NVTabular and Transformers4Rec. The vulnerabilities stem from unsafe deserialization, which could allow attackers to execute malicious code, tamper with data, or cause denial of service in AI recommendation pipelines. The first flaw (CVE-2025-33214) affects the Workflow component of NVTabular, a feature engineering libra

Key Findings The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: CVE-2025-14174: Google Chromium Out-of-Bounds Memory Access Vulnerability CVE-2018-4063: Sierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerability Background CVE-2025-14174 is an out-of-bounds memory access flaw in the ANGLE graphics library of Google Chrome on Mac, which can be expl

Key Findings CVE-2025-55184 (CVSS 7.5) - A pre-authentication denial of service vulnerability in React Server Components (RSC) that can trigger an infinite loop and hang the server process CVE-2025-67779 (CVSS 7.5) - An incomplete fix for CVE-2025-55184 with the same impact CVE-2025-55183 (CVSS 5.3) - An information leak vulnerability that may expose the source code of a vulnerable Server Function Background The React team has released fixes for three new vulnerabilities in R

Key Findings Microsoft released 57 vulnerabilities in the December 2025 Patch Tuesday, including 2 "critical" and the rest "important" Microsoft assessed that exploitation of the 2 "critical" vulnerabilities is "less likely" Cisco Talos is releasing new Snort rules to detect attempts to exploit some of the disclosed vulnerabilities Background This month's Patch Tuesday addresses a range of vulnerabilities, including: CVE-2025-62562: Microsoft Outlook remote code execution vul

Key Findings Over 30 security vulnerabilities have been disclosed in various AI-powered Integrated Development Environments (IDEs) The vulnerabilities combine prompt injection primitives with legitimate IDE features to achieve data exfiltration and remote code execution The security issues have been collectively named "IDEsaster" by security researcher Ari Marzouk (MaccariTA) The vulnerabilities affect popular IDEs and extensions such as Cursor, Windsurf, Kiro.dev, GitHub Cop

Key Findings A critical security flaw (CVE-2025-13658, CVSS 9.8) has been discovered in the Longwatch video surveillance and monitoring system developed by Industrial Video & Control (IV&C). The vulnerability allows unauthenticated remote code execution with SYSTEM-level privileges, enabling complete takeover of the affected OT surveillance systems. The flaw resides in the way the Longwatch devices handle incoming web traffic, allowing arbitrary code execution through an expo

Key Findings U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two Android Framework vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: CVE-2025-48572: Android Framework Privilege Escalation Vulnerability CVE-2025-48633: Android Framework Information Disclosure Vulnerability Background The two high-severity vulnerabilities are reported to be "under limited, targeted exploitation" in the wild. Google's latest Android update for December 2025

Key Findings Cybersecurity researchers have discovered five vulnerabilities in Fluent Bit, an open-source and lightweight telemetry agent, that could be chained to compromise and take over cloud infrastructures. The security defects allow attackers to bypass authentication, perform path traversal, achieve remote code execution, cause denial-of-service conditions, and manipulate tags. Successful exploitation of the flaws could enable attackers to disrupt cloud services, manipu

Key Findings Grafana has patched a critical vulnerability (CVE-2025-41115) in its SCIM (System for Cross-domain Identity Management) implementation with a CVSS score of 10.0. The flaw could allow a malicious or compromised SCIM client to provision a user with a numeric `externalId`, enabling potential impersonation or privilege escalation under certain configurations. The vulnerability affects Grafana Enterprise versions from 12.0.0 to 12.2.1 and has been addressed in Grafana

Key Findings GoSign Desktop, a widely used electronic signature solution, contains critical vulnerabilities that can lead to remote code execution and privilege escalation. The platform disables TLS certificate validation when configured to use a proxy server, exposing users to man-in-the-middle attacks. The update mechanism relies on an unsigned manifest, allowing an attacker to deliver malicious updates and fully compromise the machine. Sensitive data, such as OAuth secrets