Public Elasticsearch Instances Expose 43M+ Records Including Credentia...
Public Elasticsearch Instances Expose 43M+ Records Including Credentials, Credit Cards, and Customer Data SOCRadar’s AI-powered Sensitive Data Exposure Monitoring service has identified three publicly...
CVE-2026-2441: Chrome Zero-Day Enables In-Sandbox Code Execution
CVE-2026-2441: Chrome Zero-Day Enables In-Sandbox Code Execution Google has patched CVE-2026-2441, noting that it is “aware that an exploit for CVE-2026-2441 exists in the wild” as of the Stable Chann...
January 2026: Instagram, BreachForums, SoundCloud Leaks, Trust Wallet ...
January 2026: Instagram, BreachForums, SoundCloud Leaks, Trust Wallet Backdoor January 2026 incident disclosures spanned consumer platforms, enterprise identity workflows, and the cybercrime ecosystem...
February 2026 Patch Tuesday: Six Active Zero-Days & 53 Other Flaws Add...
February 2026 Patch Tuesday: Six Active Zero-Days & 53 Other Flaws Addressed Microsoft released its February 2026 Patch Tuesday security updates, resolving a total of 59 vulnerabilities across Win...
CVE-2026-1731: RCE Risk in BeyondTrust RS and PRA
CVE-2026-1731: RCE Risk in BeyondTrust RS and PRA BeyondTrust has disclosed CVE-2026-1731, a vulnerability that enables Remote Code Execution (RCE) in BeyondTrust Remote Support (RS) and Privileged Re...
CVE-2026-25049: n8n Expression Sandbox Escape Enables RCE
CVE-2026-25049: n8n Expression Sandbox Escape Enables RCE n8n is widely used to automate business workflows, which also means it often sits close to credentials, internal APIs, and sensitive data. A n...
CVE-2025-11953 (Metro4Shell) in React Native Metro Server Enables RCE
CVE-2025-11953 (Metro4Shell) in React Native Metro Server Enables RCE A critical security flaw in the React Native Community CLI Metro development server has drawn attention following confirmed real-w...
What the Moltbook Exposure Reveals About AI Platforms and Security Rea...
What the Moltbook Exposure Reveals About AI Platforms and Security Readiness? A recent security finding involving Moltbook briefly pushed the platform into the spotlight – not because of a technical b...
CVE-2026-21509: APT28 Actively Exploits Microsoft Office Vulnerability...
CVE-2026-21509: APT28 Actively Exploits Microsoft Office Vulnerability in Ukraine On January 26, 2026, Microsoft released an update to address CVE-2026-21509, a high-severity vulnerability affecting n...
Notepad++ Infrastructure Hijacked in State-Linked Supply Chain Attack
Notepad++ Infrastructure Hijacked in State-Linked Supply Chain Attack Notepad++, one of the most widely used open-source text editors, has disclosed a security incident that did not stem from a softwa...
Epstein Files Guide: How to Reliably Search the Epstein Files?
Epstein Files Guide: How to Reliably Search the Epstein Files? This guide is for informational purposes only. The release of Jeffrey Epstein’s investigative files has been one of the most significant...
CVE-2026-25253: 1-Click RCE in OpenClaw Through Auth Token Exfiltratio...
CVE-2026-25253: 1-Click RCE in OpenClaw Through Auth Token Exfiltration CVE-2026-25253 is a critical security vulnerability classified as an Incorrect Resource Transfer Between Spheres (CWE-669) with ...
SolarWinds Web Help Desk Update Addresses High-Risk RCE & Auth Bypass ...
SolarWinds Web Help Desk Update Addresses High-Risk RCE & Auth Bypass Bugs SolarWinds has released an urgent security update for its Web Help Desk (WHD) platform after disclosing multiple vulnerab...
CVE-2026-1281 & CVE-2026-1340: Ivanti EPMM Zero-Day Vulnerabilities En...
CVE-2026-1281 & CVE-2026-1340: Ivanti EPMM Zero-Day Vulnerabilities Enable Unauthenticated RCE Ivanti has released emergency security updates after disclosing two critical vulnerabilities (CVE-202...
CVE-2026-22709: vm2 Sandbox Escape Vulnerability
CVE-2026-22709: vm2 Sandbox Escape Vulnerability A recently disclosed critical vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows attackers to escape the sandbox and e...
CVE-2026-1470 & CVE-2026-0863: Severe Sandbox Escape Vulnerabilities E...
CVE-2026-1470 & CVE-2026-0863: Severe Sandbox Escape Vulnerabilities Expose n8n Instances to RCE Workflow automation platforms sit at the core of modern operations and handle sensitive data and sy...
Is the RAMP Dark Web Forum Shut Down?
Is the RAMP Dark Web Forum Shut Down? [Update] February 27, 2026: “RAMP Members Exposed Through Independent OSINT Research” RAMP (Russian Anonymous Marketplace) has been taken offline following a law ...
CVE-2026-24858: Patch Released for Fortinet FortiOS SSO Authentication...
CVE-2026-24858: Patch Released for Fortinet FortiOS SSO Authentication Bypass A recent authentication bypass vulnerability affecting Fortinet products has drawn significant attention from security tea...
Okta Vishing Campaign Allegedly Linked to ShinyHunters: What You Need ...
Okta Vishing Campaign Allegedly Linked to ShinyHunters: What You Need to Know A recent disclosure from Okta has brought renewed attention to how voice phishing (vishing) campaigns are evolving to bypa...
Oracle January 2026 CPU Delivers 337 Security Patches Including CVE-20...
Oracle January 2026 CPU Delivers 337 Security Patches Including CVE-2025-66516 & CVE-2026-21962 Oracle has kicked off 2026 with a sizable security release that will immediately catch the attention...