CVE-2026-42530: Critical NGINX HTTP/3 Flaw Can Trigger DoS and Possible RCE
F5 has released out-of-band security updates to address multiple NGINX Vulnerabilities, including CVE-2026-42530, a critical issue in the ngx_http_v3_module that…
Threats
CVE-2026-20262: Cisco SD-WAN Manager Zero-Day Can Lead to Root Privilege Escalation
Cisco has released security updates for an SD-WAN vManage flaw exploited in zero-day attacks. The issue, tracked as CVE-2026-20262, affects…
CVE-2026-11645: Chrome Zero-Day Vulnerability Exploited in the Wild
Google has released emergency Chrome updates to address a Chrome zero-day vulnerability, a high-severity out-of-bounds read/write issue in the V8…
CVE-2026-50751: Check Point VPN Authentication Bypass Exploited in Targeted Attacks
Organizations continue to face elevated risk from edge-device flaws that can hand attackers an initial foothold without valid credentials. CVE-2026-50751…
CVE-2026-20245: Cisco SD-WAN Manager Zero-Day Enables Root Command Execution
Cisco has disclosed a seventh SD-WAN zero-day exploited in 2026, tracked as CVE-2026-20245. The flaw affects the command-line interface of…
CVE-2026-49975: HTTP/2 Bomb Attack Can Knock Web Servers Offline in Seconds
A newly disclosed denial-of-service vulnerability, tracked as CVE-2026-49975, shows how long-known HTTP/2 weaknesses can still be chained into a highly…
CVE-2026-48095: 7-Zip Heap Buffer Overflow Can Lead to Code Execution
CVE-2026-48095 in 7-Zip has raised fresh concerns around malicious archive handling and user-driven exploitation. According to GitHub Security Lab, the…
UAC-0057 Attack Detection: OYSTERFRESH, OYSTERSHUCK, and OYSTERBLUES Fuel Phishing Campaigns Against Ukrainian State Organizations
Phishing remains one of the most effective tools in the cybercriminal arsenal, especially when threat actors abuse trusted identities, compromised…
CVE-2026-9082: Highly Critical Drupal Core SQL Injection Flaw Threatens PostgreSQL Sites
Drupal has released security updates for a “highly critical” security vulnerability in Drupal Core that can be exploited by anonymous…
CVE-2026-45585: YellowKey BitLocker Bypass Exposes Encrypted Data on Windows Devices
BitLocker is designed to protect data at rest even when a device is lost, stolen, or powered off, which is…