More results...
Automated investment platform Betterment has confirmed a data breach affecting approximately 1.4 million customers. The incident, which occurred in January 2026, was the result of a targeted social engineering attack rather than a direct exploit of the…
n8n has released urgent security updates to address a critical vulnerability that exposes host systems to Remote Code Execution (RCE). Tracked as CVE-2026-25049, this flaw allows authenticated attackers to escape the expression evaluation sandbox and e…
Moxa has released a critical security advisory addressing a severe vulnerability affecting multiple series of its industrial Ethernet switches. Tracked as CVE-2024-12297, this flaw allows remote attackers to bypass authentication mechanisms, potentiall…
The Go team has officially released versions 1.25.7 and 1.24.13. These minor point releases address two distinct security vulnerabilities affecting the cmd/cgo command and the crypto/tls library. The updates are recommended for all users to prevent pot…
A new cyber campaign where attackers are hijacking web servers to redirect visitors to malicious websites . The campaign targets NGINX, a popular web server software, and specifically focuses on servers using the Baota (BT) management panel. The attack…
WatchGuard has released a critical security update for its Mobile VPN with IPSec client for Windows to address a privilege escalation vulnerability. The flaw, originating in the underlying software provided by NCP engineering, allows local attackers to…
Cisco has released a security advisory detailing a high-severity vulnerability in Cisco Meeting Management (CMM). The flaw, caused by improper input validation, allows authenticated remote attackers to upload arbitrary files and potentially execute com…
Microsoft has officially begun rolling out native System Monitor (Sysmon) functionality to Windows 11, marking a significant shift for threat hunters and security operations centers (SOCs). Released via the Windows 11 Insider Preview Build 26300.7733 (…
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting VMware ESXi to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2025-22225, this zero-day flaw allows attackers to esca…
TP-Link has disclosed multiple critical authenticated command injection vulnerabilities affecting the Archer BE230 v1.2 Wi-Fi router, enabling attackers with administrative access to execute arbitrary commands and seize complete control of affected dev…