CVE-2026-42945: 18-Year-Old NGINX Rewrite Flaw May Enable Unauthenticated RCE
Web infrastructure bugs remain especially dangerous when they sit in widely deployed request-handling logic for years without detection. Among the…
Threats
CVE-2026-46300: Fragnesia Linux Kernel Flaw Grants Root via Page Cache Corruption
Local privilege-escalation bugs remain especially dangerous when they turn an ordinary user foothold into immediate root access. The CVE-2026-46300 vulnerability,…
CVE-2026-43500 and CVE-2026-43284: Dirty Frag Linux Privilege Escalation Flaw Raises Post-Compromise Risk
Linux local privilege escalation bugs remain especially dangerous when they turn a limited foothold into full root access. The CVE-2026-43500…
CVE-2026-23918: Critical Apache HTTP/2 Flaw Can Trigger DoS and Possible RCE
Apache has patched CVE-2026-23918, a critical flaw in Apache HTTP Server’s HTTP/2 handling that Apache describes as a “double free…
CVE-2026-0300: Palo Alto PAN-OS Zero-Day Enables Root RCE on Exposed Firewalls
Edge security appliances remain high-value targets, especially when a flaw can be exploited before a patch is widely available. The…
CVE-2026-41940: Critical cPanel & WHM Authentication Bypass Exposes Hosting Servers to Admin Takeover
A newly disclosed CVE-2026-41940 vulnerability in cPanel & WHM has put internet-facing hosting infrastructure under urgent scrutiny. The flaw carries…
CVE-2026-28950: Apple Fixes iOS Flaw That Retained Deleted Notification Data
Apple has released security updates to address a Notification Services issue in iOS and iPadOS that could cause alerts marked…
CVE-2026-40372: Critical ASP.NET Core Flaw May Let Attackers Gain SYSTEM Privileges
Microsoft has released out-of-band updates for CVE-2026-40372, a high-impact ASP.NET Core privilege-escalation vulnerability tied to the platform’s Data Protection cryptographic…
DetectFlow: Deploying Detections at Scale Without the Engineering Overhead
The Problem: Achieving Threat Detections at Scale At SOC Prime, we have spent over a decade making detection engineering easier…
UAC-0247 Attack Detection: AGINGFLY Malware Targets Hospitals, Local Governments, and FPV Operators in Ukraine
Phishing remains one of the most effective tactics in the cybercriminal playbook, particularly when attackers exploit urgent humanitarian themes, trusted…