SimpleHelp CVE-2026-48558 Exploited to Deploy TaskWeaver and Djinn Stealer Malware
An unknown threat actor is exploiting CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp (CVSS 10.0), to deliver two new malware families:…
An unknown threat actor is exploiting CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp (CVSS 10.0), to deliver two new malware families:…
A public proof-of-concept (PoC) has been released for CVE-2026-55200, a critical vulnerability in the libssh2 client-side SSH library. The flaw, with a…
The FBI and CISA have updated their March warning about Russian intelligence phishing Signal accounts, adding a new tactic where attackers coax…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical remote code execution vulnerability affecting PTC Windchill PDMlink and PTC…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog following reports…
Ivanti, Fortinet, and SAP have released security patches addressing multiple critical vulnerabilities that could lead to arbitrary code execution and information disclosure.Fortinet…
Splunk has released urgent security updates to address a critical vulnerability in Splunk Enterprise, tracked as CVE-2026-20253, with a CVSS score of…
Palo Alto Networks has issued an urgent warning regarding active exploitation of a recently disclosed PAN-OS vulnerability, CVE-2026-0257 (CVSS score: 7.8), which…
Employee onboarding often involves sharing temporary passwords via email or SMS, creating security risks if intercepted or never changed. Attackers exploit weak…
A chain of three vulnerabilities in LiteLLM, a widely deployed open-source AI gateway, allows low-privilege users to escalate to full admin and…