CVE-2026-24061: Decade-Old Vulnerability in GNU InetUtils telnetd Enables Remote Root Access
A new day, a new challenge for cyber defenders. Right after the disclosure of a nasty zero-day vulnerability in Cisco’s…
Threats
CVE-2026-20045: Critical Zero-Day in Cisco Products Is Actively Exploited in the Wild
Hot on heels of the DoS vulnerability in Palo Alto Networks’ GlobalProtect (CVE-2026-0227), security professionals are facing another major challenge.…
CVE-2026-0227: Palo Alto Networks Fixes GlobalProtect DoS Flaw Allowing Remote Firewall Disruption
Shortly after Microsoft’s massive January Patch Tuesday release addressing the CVE-2026-20805 zero-day vulnerability in Windows Desktop Window Manager, another technology…
CVE-2026-20805: Microsoft Fixes Actively Exploited Windows Desktop Manager Zero-Day
As 2026 gets underway, the pace of critical vulnerability disclosures shows little sign of easing. Following the recent MongoBleed (CVE-2025-14847)…
UAC-0190 Attack Detection: Fake Charity Lures Used to Deploy the PLUGGYAPE Backdoor Against the Ukrainian Armed Forces
On January 12, 2026, the CERT-UA team disclosed a targeted cyber-espionage campaign against the Ukrainian Armed Forces that abused charity-themed…
CVE-2026-21858 aka Ni8mare: Critical Unauthenticated Remote Code Execution Vulnerability in n8n Platform
The surge of critical vulnerabilities shows no signs of slowing as 2026 begins. In the aftermath of the MongoBleed (CVE-2025-14847)…
What Are the Main AI-Assisted Cyber-Attacks and Scams?
AI-assisted threats aren’t a brand-new genre of attacks. They’re familiar tactics-phishing, fraud, account takeover, and malware delivery-executed faster, at greater…
CVE-2025-14733 Vulnerability: WatchGuard Addresses a Critical RCE Affecting Firebox Firewalls, Actively Exploited for Real-World Attacks
Just days before Christmas, another critical vulnerability has emerged, continuing a surge of actively exploited flaws alongside recent zero-days in…
CVE-2025-20393 Exploitation: A Maximum-Severity Zero-Day Vulnerability in Cisco AsyncOS Software Abused in Attacks by the China-Backed APT UAT-9686
As 2025 draws to a close, yet another critical Cisco zero-day has emerged, joining earlier high-severity disclosures: two RCE flaws…
CVE-2025-14174 Vulnerability: A New Memory Corruption Zero-Day Vulnerability in Apple WebKit Exploited in Targeted Attacks
Zero-day vulnerabilities continue to pose increasing risks, enabling attackers to weaponize undisclosed weaknesses ahead of defensive fixes. Following a disclosure…