CVE-2026-48172: Severe LiteSpeed cPanel Plugin Flaw Under Active Attack
A critical security flaw in the LiteSpeed User-End cPanel Plugin is being actively exploited by attackers, raising serious concerns for […]
Web Security
Critical cPanel Flaw CVE-2026-41940 Exploited to Deploy Filemanager Backdoor
A newly disclosed critical vulnerability in cPanel is already being actively exploited by cybercriminals to compromise servers, steal credentials, and
CVE-2026-23918: Apache HTTP/2 Bug Allows DoS and RCE
A serious security flaw has been discovered in the widely used Apache HTTP Server, raising concerns across the cybersecurity community.
Critical nginx-ui Flaw CVE-2026-33032 Enables Full Server Takeover
A newly discovered and actively exploited vulnerability in nginx-ui is raising serious concerns across the cybersecurity community. The flaw, tracked
Critical Chrome Flaw CVE-2026-5281 Exploited in the Wild
In a fresh security alert, Google has released an important update for its widely used browser Google Chrome, fixing 21
Citrix Warns of Critical NetScaler Flaw That Could Leak Sensitive Data
Citrix has issued an urgent security advisory warning organizations to patch a critical vulnerability affecting Citrix NetScaler ADC and Citrix
FileZen CVE-2026-25108 Actively Exploited Command Injection Vulnerability
CISA has officially confirmed that a serious security flaw in FileZen, a popular file transfer product, is being actively exploited by
Critical Chrome Security Flaw CVE-2026-2441 Under Active Attack
Google has released an urgent security update for its Chrome web browser after confirming that a dangerous zero-day vulnerability is
Fortinet Patches Critical FortiClientEMS SQL Injection Vulnerability (CVE-2026-21643)
Fortinet has released important security updates to fix a critical SQL injection (SQLi) vulnerability in FortiClientEMS, a widely used endpoint
BeyondTrust CVE-2026-1731 Pre-Auth RCE Flaw in Remote Support and PRA
BeyondTrust has released urgent security updates to fix a critical pre-authentication remote code execution (RCE) vulnerability affecting its Remote Support
NGINX Servers Targeted in Widespread Web Traffic Redirection Attacks
Researchers have uncovered a large-scale web traffic hijacking campaign that abuses malicious NGINX configurations to secretly intercept and redirect legitimate
CVE-2025-40551: SolarWinds Web Help Desk Vulnerability Actively Exploited
CISA has added a critical SolarWinds Web Help Desk vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, confirming that the
SmarterMail Servers Exposed to Remote Code Execution: CVE-2026-24423
SmarterTools has released urgent security updates for its SmarterMail email server software, fixing multiple serious vulnerabilities, including a critical unauthenticated
CVE-2026-23550: WordPress Plugin Under Active Exploitation
A critical WordPress security vulnerability has been discovered in the popular Modular DS plugin, and it is already being actively
IBM API Connect Hit by CVE-2025-13915 Authentication Bypass Bug
IBM has released an urgent security warning after discovering a critical vulnerability in IBM API Connect that could allow attackers