Blog

A critical prototype pollution vulnerability in the world most popular PDF reader was weaponized months before its public disclosure. This […]

A 17-year-old remote code execution vulnerability in the Microsoft Office Excel engine has been resurfaced for use in modern ransomware

A high-severity privilege escalation vulnerability in the Windows security subsystem has been patched following the public release of functional exploit

Attackers are actively exploiting a critical spoofing vulnerability in Microsoft SharePoint Server to falsify internal communications and facilitate social engineering

A legacy vulnerability in the Microsoft Visual Basic for Applications engine is being resurfaced by threat actors to achieve unauthorized

A large-scale automated campaign is currently exploiting a critical pre-authentication RCE in Next.js applications to siphon credentials from cloud-native environments.

A critical prototype pollution vulnerability in the world most popular PDF reader has been active in the wild for several

Your endpoint management infrastructure is currently being targeted to achieve unauthorized code execution via a critical SQL injection flaw. This

A sophisticated new infostealer is bypassing traditional endpoint security by moving the decryption of stolen browser data to attacker-controlled infrastructure.

One of the most trusted HTTP client libraries in the JavaScript ecosystem was weaponized by a North Korea-nexus actor to