A critical code injection flaw in a popular AI orchestration framework is being actively exploited to hijack agent workflows and […]
Threat actors weaponize Langflow AI framework RCE for automated data hijacking Read More »
State-sponsored threat actors are bypassing endpoint security by compromising legacy network hardware to intercept authentication tokens from cloud services. This
Russian Forest Blizzard APT hijacks 18,000 routers to siphon Microsoft Office tokens Read More »
Your endpoint management infrastructure is currently being weaponized to execute unauthorized commands via a critical API authentication bypass. This vulnerability
CISA adds critical Fortinet FortiClient EMS zero-day to KEV following mass exploitation Read More »
A novel hardware-level attack targeting GPU memory allows for cross-process memory corruption and full system privilege escalation. This attack bypasses
GPUBreach attack induces GDDR6 Rowhammer bit-flips for system takeover Read More »
A large-scale automated campaign is currently exploiting a critical pre-authentication RCE in Next.js applications to siphon credentials from cloud-native environments.
React2Shell campaign achieves industrial scale with NEXUS Listener command center Read More »
Your endpoint management infrastructure is being targeted by unauthenticated attackers to achieve remote code execution via an API authentication bypass.
CISA orders emergency patching for actively exploited Fortinet EMS zero-day Read More »
A potent privilege escalation exploit for an unpatched Windows flaw has been released publicly‚ providing attackers with a reliable path
BlueHammer Windows zero-day exploit leaked following private report dispute Read More »
A critical vulnerability in the management interface of high-performance server hardware allows unauthenticated attackers to gain full administrative control. This
Cisco releases emergency fixes for critical Integrated Management Controller bypass Read More »
One of the most trusted HTTP client libraries in the JavaScript ecosystem has been weaponized by a North Korea-nexus actor
North Korean UNC1069 attributed to Axios npm supply chain compromise Read More »
Attackers are industrializing the exploitation of a memory overread flaw to hijack enterprise sessions and bypass multi-factor authentication. This vulnerability
Active exploitation of Citrix NetScaler memory disclosure flaw surging globally Read More »
