A critical remote code execution flaw in a legacy message broker is being actively exploited to deploy botnets and ransomware […]
Thirteen-year-old Apache ActiveMQ bug weaponized in new ransomware campaigns Read More »
Your mobile device management infrastructure is being targeted to achieve unauthenticated remote code execution. This vulnerability provides a direct path
CISA adds Ivanti EPMM code injection flaw to KEV following active exploitation Read More »
A highly sophisticated zero-day vulnerability in the world most popular PDF reader has been active in the wild since late
Sophisticated Adobe Reader zero-day exploit identified after months of active use Read More »
Attackers are industrializing the exploitation of a memory overread flaw to hijack enterprise sessions and bypass multi-factor authentication. This vulnerability
Confirmed exploitation of Citrix NetScaler memory disclosure flaw surging globally Read More »
A critical code injection flaw in a popular AI orchestration framework is being actively exploited to hijack agent workflows and
Threat actors weaponize Langflow AI framework RCE for automated data hijacking Read More »
State-sponsored threat actors are bypassing endpoint security by compromising legacy network hardware to intercept authentication tokens from cloud services. This
Russian Forest Blizzard APT hijacks 18,000 routers to siphon Microsoft Office tokens Read More »
Your endpoint management infrastructure is currently being weaponized to execute unauthorized commands via a critical API authentication bypass. This vulnerability
CISA adds critical Fortinet FortiClient EMS zero-day to KEV following mass exploitation Read More »
A novel hardware-level attack targeting GPU memory allows for cross-process memory corruption and full system privilege escalation. This attack bypasses
GPUBreach attack induces GDDR6 Rowhammer bit-flips for system takeover Read More »
A large-scale automated campaign is currently exploiting a critical pre-authentication RCE in Next.js applications to siphon credentials from cloud-native environments.
React2Shell campaign achieves industrial scale with NEXUS Listener command center Read More »
Your endpoint management infrastructure is being targeted by unauthenticated attackers to achieve remote code execution via an API authentication bypass.
CISA orders emergency patching for actively exploited Fortinet EMS zero-day Read More »
