BeyondTrust CVE-2026-1731 Pre-Auth RCE Flaw in Remote Support and PRA
BeyondTrust has released urgent security updates to fix a critical pre-authentication remote code execution (RCE) vulnerability affecting its Remote Support […]
NGINX Servers Targeted in Widespread Web Traffic Redirection Attacks
Researchers have uncovered a large-scale web traffic hijacking campaign that abuses malicious NGINX configurations to secretly intercept and redirect legitimate
CVE-2025-40551: SolarWinds Web Help Desk Vulnerability Actively Exploited
CISA has added a critical SolarWinds Web Help Desk vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, confirming that the
Notepad++ Supply Chain Attack Redirected Updates to Malware
A serious cybersecurity incident has come to light involving Notepad++, one of the world’s most popular free text editors used
SmarterMail Servers Exposed to Remote Code Execution: CVE-2026-24423
SmarterTools has released urgent security updates for its SmarterMail email server software, fixing multiple serious vulnerabilities, including a critical unauthenticated
Microsoft Office Zero-Day CVE-2026-21509 Actively Exploited
Microsoft has released emergency out-of-band security updates to fix a dangerous zero-day vulnerability in Microsoft Office that is being actively
CVE-2025-56005: Python PLY Bug Allows Remote Code Execution
A critical remote code execution (RCE) vulnerability has been discovered in Python PLY (Python Lex-Yacc), a well-known parsing library that
Critical VMware vCenter RCE Flaw CVE-2024-37079 Under Active Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical VMware vCenter Server vulnerability, tracked as CVE-2024-37079, to
Critical Cisco Unified CM Zero-Day CVE-2026-20045 Under Active Attack
Cisco has released urgent security updates to fix a critical zero-day vulnerability that is being actively exploited in the wild.
Think LinkedIn Is Safe? Hackers Are Using It to Spread Malware
Researchers have uncovered a dangerous new phishing campaign in which hackers are abusing LinkedIn private messages to spread malware. Instead
CVE-2026-23550: WordPress Plugin Under Active Exploitation
A critical WordPress security vulnerability has been discovered in the popular Modular DS plugin, and it is already being actively
Microsoft Fixes 114 Windows Bugs: January 2026 Patch Tuesday
Microsoft has released its first Patch Tuesday update of 2026, fixing a total of 114 security vulnerabilities in Windows. Importantly,
Trend Micro Patches Apex Central 9.8 Rated RCE Flaw: CVE-2025-69258
Trend Micro has released important security updates to fix multiple vulnerabilities in its Apex Central on-premise Windows platform. Among these
Cisco ISE Vulnerability With Public PoC: CVE-2026-20029
Cisco has released security updates to fix a medium-severity vulnerability in its Identity Services Engine (Cisco ISE) and ISE Passive
European Space Agency Hit by Cyber Breach & 200GB Data Leak
The European Space Agency (ESA) has confirmed that it is investigating a cybersecurity incident after reports emerged that hackers gained