A legacy vulnerability in the Microsoft Visual Basic for Applications engine is being resurfaced by threat actors to achieve unauthorized […]
Microsoft Visual Basic VBA insecure library loading flaw added to CISA KEV Read More »
Your endpoint management infrastructure is currently being targeted to achieve unauthorized code execution via a critical SQL injection flaw. This
CISA adds critical Fortinet FortiClient EMS SQL injection to KEV catalog Read More »
A critical prototype pollution vulnerability in the world most popular PDF reader has been active in the wild for several
Adobe patches critical Acrobat and Reader zero-day exploited since 2025 Read More »
Attackers are industrializing the exploitation of a memory overread flaw to hijack enterprise sessions and bypass multi-factor authentication. This vulnerability
Active exploitation of Citrix NetScaler memory disclosure flaw surging globally Read More »
A critical pre-authentication remote code execution vulnerability in the Marimo reactive notebook framework is currently being exploited to compromise AI
Critical Marimo AI notebook pre-auth RCE vulnerability under active exploitation Read More »
One of the most trusted HTTP client libraries in the JavaScript ecosystem was weaponized by a North Korea-nexus actor to
North Korean UNC1069 attributed to Axios npm supply chain compromise Read More »
A sophisticated new infostealer is bypassing traditional endpoint security by moving the decryption of stolen browser data to attacker-controlled infrastructure.
Storm infostealer bypasses local decryption to hijack enterprise sessions Read More »
A large-scale automated campaign is currently exploiting a critical pre-authentication RCE in Next.js applications to siphon credentials from cloud-native environments.
React2Shell campaign achieves industrial scale with NEXUS Listener command center Read More »
Attackers have significantly ramped up exploitation of a critical zero-day vulnerability in endpoint management infrastructure. This improper access control flaw
Fortinet FortiClient EMS zero-day exploitation surges as hotfix deployment lags Read More »
A critical pre-authentication remote code execution vulnerability in the Marimo reactive notebook framework is currently being exploited to compromise AI
Critical Marimo AI notebook pre-auth RCE vulnerability under active exploitation Read More »
