Your endpoint management infrastructure is currently being targeted to achieve unauthorized code execution via a critical SQL injection flaw. This […]
CISA adds critical Fortinet FortiClient EMS SQL injection to KEV catalog Read More »
A critical prototype pollution vulnerability in the world most popular PDF reader has been active in the wild for several
Adobe patches critical Acrobat and Reader zero-day exploited since 2025 Read More »
Attackers are industrializing the exploitation of a memory overread flaw to hijack enterprise sessions and bypass multi-factor authentication. This vulnerability
Active exploitation of Citrix NetScaler memory disclosure flaw surging globally Read More »
A critical pre-authentication remote code execution vulnerability in the Marimo reactive notebook framework is currently being exploited to compromise AI
Critical Marimo AI notebook pre-auth RCE vulnerability under active exploitation Read More »
One of the most trusted HTTP client libraries in the JavaScript ecosystem was weaponized by a North Korea-nexus actor to
North Korean UNC1069 attributed to Axios npm supply chain compromise Read More »
A sophisticated new infostealer is bypassing traditional endpoint security by moving the decryption of stolen browser data to attacker-controlled infrastructure.
Storm infostealer bypasses local decryption to hijack enterprise sessions Read More »
A large-scale automated campaign is currently exploiting a critical pre-authentication RCE in Next.js applications to siphon credentials from cloud-native environments.
React2Shell campaign achieves industrial scale with NEXUS Listener command center Read More »
Attackers have significantly ramped up exploitation of a critical zero-day vulnerability in endpoint management infrastructure. This improper access control flaw
Fortinet FortiClient EMS zero-day exploitation surges as hotfix deployment lags Read More »
A critical pre-authentication remote code execution vulnerability in the Marimo reactive notebook framework is currently being exploited to compromise AI
Critical Marimo AI notebook pre-auth RCE vulnerability under active exploitation Read More »
State-sponsored threat actors are bypassing endpoint security controls by compromising legacy network hardware to steal cloud authentication tokens. This campaign
Russian Forest Blizzard APT hijacks 18,000 routers to siphon Microsoft Office tokens Read More »
