Security Intelligence

Update: ShinyHunters used zero‑day to breach PeopleSoft environments

ShinyHunters’ exploitation of Oracle PeopleSoft is confirmed to involve a zero‑day in the Environment Management Hub...

Security Intelligence

ShinyHunters target Oracle PeopleSoft in large-scale data theft campaign

ShinyHunters is conducting large-scale data theft operations against Oracle PeopleSoft by combining multiple flaws with...

Security Intelligence

Langflow flaw under active exploitation with no patch available

An actively exploited zero-day in Langflow can lead to full system compromise if not contained. The issue remains...

Security Intelligence

UniFi OS flaws: New findings reveal broader impact and silent exploitation path

UniFi OS flaws allow full control of the system with a single unauthenticated request, resulting in a much broader...

Security Intelligence

Ransomware affiliate leveraging Check Point VPN vulnerability

A Qilin ransomware affiliate has been actively exploiting a critical authentication bypass in Check Point's Remote...

Security Intelligence

Active exploitation of unpatched Cisco SD‑WAN Manager flaw

A zero‑day in Cisco Catalyst SD‑WAN Manager enables attackers with netadmin access to execute commands as root and push...

Security Intelligence

Critical Cisco UCM flaw exposes voice infrastructure to remote compromise

A newly disclosed flaw in Cisco Unified Communications Manager exposes organizations to a high-impact attack path that...

Security Intelligence

Linux container escape flaw exploited: validate kernel fixes/controls

A 2022 Linux kernel flaw allowing a local adversary to escape a container and execute code as root on the host system...

Security Intelligence

Red Hat npm packages backdoored via compromised CI/CD pipeline

Multiple npm packages were compromised in a major supply-chain attack distributing a Shai-Hulud-derived...

Security Intelligence

PAN-OS GlobalProtect auth flaw actively targeted

A critical missing authentication flaw in marimo, an open-source Python notebook platform, allows unauthenticated...

Security Intelligence

Critical Marimo notebook flaw exploited in LLM-agent-driven intrusion

A critical missing authentication flaw in marimo, an open-source Python notebook platform, allows unauthenticated...

Security Intelligence

Public PoC available for 7‑Zip memory corruption flaw

A high-severity flaw in 7-Zip (CVE-2026-48095) exposes systems to potential code execution via malicious archive files,...