ALL POSTS

Key Findings Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio Code (VS Code) extensions with over 125 million collective installs. The vulnerable extensions are Live Server, Code Runner, Markdown Preview Enhanced, and Microsoft Live Preview. If successfully exploited, these vulnerabilities could allow threat actors to steal local files and execute code remotely. The researchers warn that a single malicious exte

Key Findings Apple released emergency updates for iOS, iPadOS, macOS, tvOS, watchOS, and visionOS to address an actively exploited zero-day vulnerability (CVE-2026-20700) The vulnerability is a memory corruption issue in Apple's Dynamic Link Editor (dyld) that could allow attackers to execute arbitrary code The flaw was discovered and reported by Google's Threat Analysis Group, suggesting it may have been used in sophisticated nation-state or commercial spyware attacks Apple

Key Findings: A critical vulnerability in MongoDB allows unauthenticated attackers to crash database servers The flaw, tracked as CVE-2022-29464, has a CVSS score of 8.7 and can lead to Denial of Service (DoS) conditions The vulnerability is caused by a memory exhaustion issue that can be triggered without any authentication Background MongoDB is a popular open-source NoSQL database management system that is widely adopted by organizations for its flexibility and scalability.

Key Findings The European Commission detected a cyber attack on its central mobile device management infrastructure on January 30, 2026. The attack may have exposed the personal details, including names and phone numbers, of some Commission staff members. However, the Commission's swift response contained the breach within 9 hours and ensured that no mobile devices were compromised. The attack is linked to critical vulnerabilities (CVE-2026-1281 and CVE-2026-1340) in Ivanti's

Key Findings Critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products Tracked as CVE-2026-1731 with a CVSS score of 9.9 Allows unauthenticated remote attackers to execute OS commands and compromise systems Affects RS versions 25.3.1 and prior, and PRA versions 24.3.4 and prior Patches available in RS v25.3.2+ and PRA v25.1.1+ Customers with older versions (RS <21.3, PRA <22.1) must upgrade b

Key Findings Critical vulnerability (CVE-2026-1868) discovered in GitLab self-hosted AI Gateway with a CVSS score of 9.9 Flaw allows attackers to execute arbitrary code or trigger a Denial of Service on affected systems The vulnerability is caused by improper sanitization of user-supplied templates in the Duo Workflow Service Affects versions 18.1.6, 18.2.6, and 18.3.1 of the GitLab AI Gateway Patched versions 18.6.2, 18.7.1, and 18.8.1 have been released to address the issue

Key Findings IBM has disclosed a critical vulnerability, CVE-2025-13375, in its Common Cryptographic Architecture (CCA) software with a CVSS score of 9.8. The flaw allows unauthenticated attackers to execute arbitrary commands with elevated privileges on the system, exposing the IBM Hardware Security Modules (HSMs). The vulnerability affects specific versions of the CCA software running on IBM's 4769 and 4770 cryptographic coprocessors, as well as the IBM i platform. The impa

Key Findings Cisco has released urgent updates to address critical vulnerabilities in Cisco Meeting Management and Cisco TelePresence Collaboration Endpoint (CE) Software The vulnerabilities could allow attackers to seize control of meeting management systems or crash communication endpoints The most severe flaw, CVE-2026-20098, carries a high CVSS score of 8.8 and allows remote attackers to execute arbitrary commands with root privileges Background Cisco Meeting Management i

Key Findings An FBI informant claimed in 2017 that Jeffrey Epstein had a "personal hacker" who was an Italian born in Calabria. The hacker, whose name was redacted, reportedly sold zero-day exploits and offensive cyber tools to several countries, including the U.S. and the U.K. He allegedly created a zero-day exploit and sold it to Hezbollah in exchange for a trunk of cash. The hacker was known for finding vulnerabilities in iOS, BlackBerry, and Firefox. He surrounded himself

Key Findings Kyverno, a popular Kubernetes-native policy engine, has released an urgent security update to address a critical vulnerability (CVE-2026-22039) with a maximum CVSS score of 10. The flaw allows any user with policy creation rights to effectively become a cluster admin, shattering Kyverno's isolation boundaries. The update also fixes a high-severity Denial of Service (DoS) vulnerability (CVE-2026-23881) with a CVSS score of 7.7. Background Kyverno is a Kubernetes-n

Key Findings SolarWinds has released security updates to address six vulnerabilities in their Web Help Desk product, including four critical flaws. The four critical vulnerabilities could be exploited without authentication to achieve remote code execution (RCE) or bypass authentication: CVE-2025-40551 (CVSS 9.8) - Unauthenticated RCE via deserialization of untrusted data CVE-2025-40552 (CVSS 9.8) - Authentication bypass to execute actions and methods CVE-2025-40553 (CVSS 9.8

Key Findings A critical sandbox escape vulnerability has been disclosed in the popular vm2 Node.js library, tracked as CVE-2026-22709. The vulnerability carries a CVSS score of 9.8 out of 10.0, indicating its high severity. The flaw allows attackers to escape the sandbox environment and execute arbitrary code on the underlying operating system. Background vm2 is a Node.js library used to run untrusted code within a secure sandboxed environment. The library intercepts and prox

Key Findings: Fortinet has released security updates to address a critical flaw (CVE-2026-24858, CVSS 9.4) impacting FortiOS, FortiManager, and FortiAnalyzer. The vulnerability is an authentication bypass related to the FortiCloud single sign-on (SSO) feature, which can allow an attacker with a FortiCloud account and a registered device to access other devices registered to different accounts. The vulnerability is actively being exploited in the wild, with Fortinet confirming

Key Findings: React team issued urgent security advisory about incomplete fixes for Denial of Service (DoS) vulnerabilities in React Server Components New high-severity flaw CVE-2026-23864 (CVSS 7.5) allows attackers to trigger server crashes, out-of-memory exceptions, or excessive CPU usage via "specially crafted HTTP requests" Vulnerability affects React packages using server-side rendering (react-server-dom-webpack, react-server-dom-parcel, react-server-dom-turbopack) in v

Key Findings Microsoft issued emergency updates to fix an actively exploited Office zero-day, CVE-2026-21509, affecting Office 2016–2024 and Microsoft 365 Apps. The vulnerability is a security feature bypass that allows an unauthorized attacker to bypass security protections locally by sending a malicious Office file. Microsoft confirmed the Preview Pane is not an attack vector, but did not disclose technical details about the active exploits. Office 2021 and later are automa

Key Findings A critical vulnerability (CVE-2025-56005) with a CVSS score of 9.8 has been discovered in the PLY (Python Lex-Yacc) library, a popular parsing library used in the Python community. The vulnerability allows Remote Code Execution (RCE) and stems from an undocumented "picklefile" parameter in the `yacc()` function. The issue is caused by the unsafe deserialization of untrusted data using Python's `pickle.load()` method. The project's maintainer, David Beazley, has a

Key Findings: A critical vulnerability has been discovered in the Linux kernel's x86 page fault handling mechanism, existing since 2020. The flaw was caused by inconsistent disabling of hardware interrupts, leading to potential catastrophic scenarios. The vulnerability was not limited to user-space address errors, but involved a more complex interplay between address ranges and execution context. The remediation required a fundamental shift in approach, moving away from selec

Key Findings A public proof-of-concept (PoC) exploit has been released for a critical vulnerability in the Android operating system. The vulnerability allows malicious applications to escalate their privileges and gain access to sensitive permissions without the user's knowledge or consent. The vulnerability affects both the main Android OS as well as the WearOS platform, putting a wide range of Android devices at risk. The exploit has been confirmed to work on multiple Andro

Key Findings A critical Remote Code Execution (RCE) vulnerability with a CVSS score of 9.8 has been discovered in the Laravel Reverb framework. The vulnerability, which allows unauthenticated attackers to execute arbitrary code, affects an estimated 7 million websites and applications that use the Laravel Reverb framework. The vulnerability is caused by insecure deserialization of user-supplied data, which can lead to remote code execution. Successful exploitation of this vul

Key Findings Researchers at watchTowr Labs have discovered a critical vulnerability in SmarterMail, tracked as WT-2026-0001, that allows unauthenticated attackers to hijack administrative accounts and achieve full Remote Code Execution (RCE). The vulnerability lies within the force-reset-password API endpoint, which fails to implement proper security checks for system administrators. Attackers can simply send a JSON request with IsSysAdmin set to true, the target username, an