Security Intelligence

CISA adds six new flaws to its KEV catalog

Multiple high-severity CVEs are being exploited in the wild, impacting enterprise infrastructure and developer...

Security Intelligence

Update: Fortinet Confirms New SAML SSO Issue Under Active Exploitation

On 01-22-2026, Fortinet released new analysis confirming the recently reported SSO intrusions stem from an unreported...

Security Intelligence

Fortinet FortiGate exploited via SSO authentication abuse

Researchers have identified an active campaign targeting Fortinet FortiGate devices, where attackers abuse SSO...

Security Intelligence

Threat actors exploit security-testing apps to breach cloud infrastructure

Threat actors are exploiting intentionally vulnerable security testing apps deployed in real cloud environments,...

Security Intelligence

Threat actors expand abuse of Visual Studio Code

Threat actors are abusing trusted Visual Studio Code workflows, using social engineering and malicious repositories to...

Security Intelligence

Phishing campaign behind CIRO breach signals rising threat to industry

CIRO’s August 2025 breach exposed investor data after a phishing attack. This analysis explores the incident and the...

Security Intelligence

China-nexus threat actors intensify targeting of internet‑facing systems in North America

New research shows China-aligned threat actors abusing zero-days and stolen credentials to gain persistent access to...

Security Intelligence

Knownsec leak uncovers China’s contractor-led cyber espionage

Leaked documents reveal how Chinese contractor Knownsec supports state-aligned cyber espionage through large-scale...

Security Intelligence

Fortinet issues fixes for critical flaws in FortiSIEM and FortiFone

Two critical Fortinet vulnerabilities in FortiSIEM and FortiFone enable unauthenticated exploitation when exposed...

Security Intelligence

MuddyWater expands Rust‑based operations and exposes build artefacts

MuddyWater is using a new Rust-based malware, RustyWater, delivered via malicious Word documents. Learn how to detect,...

Security Intelligence

POC available for critical vulnerability in Trend Micro Apex Central

A critical RCE vulnerability in Trend Micro Apex Central enables SYSTEM-level compromise. Public PoC increases risk;...

Security Intelligence

Veeam fixes 4 vulnerabilities in Backup & Replication that enable RCE

Veeam has patched multiple vulnerabilities in Backup & Replication that enable authenticated RCE. Learn who’s affected,...