What to Expect From the 2026 NATO Summit in Turkiye
What to Expect From the 2026 NATO Summit in Turkiye NATO leaders meet in Ankara, Turkiye on July 7–8 for what Secretary General Mark Rutte has called “maybe even more important than The Hague.” The Ha...
June 2026: FortiBleed Cracks Fortinet Firewalls, Supply Chain Worms Hi...
June 2026: FortiBleed Cracks Fortinet Firewalls, Supply Chain Worms Hit npm and PyPI June 2026 was headlined by FortiBleed, a Russian-attributed credential harvesting campaign that exposed over 86,000...
CISA Flags SharePoint RCE (CVE-2026-45659) for Active Exploitation
CISA Flags SharePoint RCE (CVE-2026-45659) for Active Exploitation CISA has added CVE-2026-45659 to its Known Exploited Vulnerabilities (KEV) catalog as of July 1, 2026, indicating active exploitation...
CVE-2026-8037: Progress Kemp LoadMaster RCE Exploited in the Wild
CVE-2026-8037: Progress Kemp LoadMaster RCE Exploited in the Wild A critical vulnerability tracked as CVE-2026-8037 affects Progress Kemp LoadMaster (Progress ADC / LoadMaster). The issue is a pre-aut...
Adobe ColdFusion and Campaign Classic: Critical RCE Flaws Among Multip...
Adobe ColdFusion and Campaign Classic: Critical RCE Flaws Among Multiple CVSS 10.0 Issues Adobe has published two “Priority 1” security bulletins, covering a total of 12 vulnerabilities in Adobe ColdF...
CVE-2026-8451 Adds a New NetScaler Memory Overread to the CitrixBleed ...
CVE-2026-8451 Adds a New NetScaler Memory Overread to the CitrixBleed Pattern Citrix has patched CVE-2026-8451, a vulnerability affecting Citrix NetScaler ADC and NetScaler Gateway. The issue is an in...
CVE-2026-48558: SimpleHelp OIDC Auth Bypass Used to Deploy Infostealer...
CVE-2026-48558: SimpleHelp OIDC Auth Bypass Used to Deploy Infostealer Payloads CVE-2026-48558 is a critical authentication bypass affecting SimpleHelp, a remote support and RMM (remote monitoring and...
Klue Breach: What You Need to Know
Klue Breach: What You Need to Know The Klue breach shows how stolen OAuth tokens from a trusted SaaS integration can expose Salesforce CRM data. Learn what happened, which companies confirmed impact, ...
WhatsApp VBScript Campaign Installs ManageEngine Endpoint Central for ...
WhatsApp VBScript Campaign Installs ManageEngine Endpoint Central for Persistent Remote Access A newly reported malware campaign uses WhatsApp direct messages to deliver VBScript (VBS/VBE) attachments...
CVE-2026-20253: CISA Warns of Actively Exploited Splunk Enterprise RCE
CVE-2026-20253: CISA Warns of Actively Exploited Splunk Enterprise RCE Splunk Enterprise admins should prioritize patching CVE-2026-20253, a critical vulnerability that allows a network-reachable, una...
CVE-2026-42530 & CVE-2026-42055: F5 Patches NGINX Vulnerabilities
CVE-2026-42530 & CVE-2026-42055: F5 Patches NGINX Vulnerabilities F5 has released out-of-band security updates for two NGINX vulnerabilities that can affect exposed web infrastructure: CVE-2026-42...
SOCRadar Launches Free FortiBleed Exposure Checker and Publishes the M...
SOCRadar Launches Free FortiBleed Exposure Checker and Publishes the Most Extensive Dataset on the Fortinet Credential Leak The team that first analyzed the FortiBleed leak now opens its research to t...
FortiSandbox Vulnerabilities Expose Systems to Auth Bypass and Command...
FortiSandbox Vulnerabilities Expose Systems to Auth Bypass and Command Execution Fortinet FortiSandbox administrators should review their environments after several critical vulnerabilities raised con...
May 2026: TeamPCP's Supply Chain Blitz Hits Checkmarx, GitHub, and npm
May 2026: TeamPCP’s Supply Chain Blitz Hits Checkmarx, GitHub, and npm May 2026 was defined by two threat actors operating at full intensity in parallel. ShinyHunters executed a major education-sector...
FortiBleed: SOCRadar's Investigation into 86,644 Compromised Fortinet ...
FortiBleed: SOCRadar’s Investigation into 86,644 Compromised Fortinet Firewalls [Updated: June 29th 9 AM EST] SOCRadar has attributed FortiBleed to the Lynx / INC ransomware group. Full technical repo...
CVE-2026-20262: Cisco Catalyst SD-WAN Manager Zero-Day Leads to Root
CVE-2026-20262: Cisco Catalyst SD-WAN Manager Zero-Day Leads to Root CVE-2026-20262 is a zero-day vulnerability in Cisco Catalyst SD-WAN Manager (formerly SD-WAN vManage) that lets an authenticated at...
CVE-2026-35273 in Oracle PeopleSoft PeopleTools EMHub Under Active Exp...
CVE-2026-35273 in Oracle PeopleSoft PeopleTools EMHub Under Active Exploitation Oracle has disclosed CVE-2026-35273, a critical Remote Code Execution (RCE) zero-day vulnerability in Oracle PeopleSoft ...
Ivanti Sentry’s CVE-2026-10520 Enables Root RCE
Ivanti Sentry’s CVE-2026-10520 Enables Root RCE CVE-2026-10520 is a critical OS command injection vulnerability in Ivanti Sentry that can allow a remote, unauthenticated attacker to execute commands a...
June 2026 Patch Tuesday: 206 Vulnerabilities, Three Zero-Days Includin...
June 2026 Patch Tuesday: 206 Vulnerabilities, Three Zero-Days Including HTTP/2 Bomb Flaw (CVE-2026-49160) Microsoft released its June 2026 Patch Tuesday security updates, resolving a total of 206 vuln...
SAP Security Patch Day June 2026: Critical CVE-2026-44748 SAML Flaw Co...
SAP Security Patch Day June 2026: Critical CVE-2026-44748 SAML Flaw Could Allow Full Authentication Bypass On June 9, 2026, SAP released its monthly security updates, which included 15 new Security No...