A critical pre-authentication remote code execution vulnerability in the Marimo reactive notebook framework is currently being exploited to compromise AI […]
Critical Marimo AI notebook pre-auth RCE vulnerability under active exploitation Read More »
Attackers have significantly ramped up exploitation of a critical zero-day vulnerability in endpoint management infrastructure. This improper access control flaw
Fortinet FortiClient EMS zero-day exploitation surges as hotfix deployment lags Read More »
A large-scale automated campaign is currently exploiting a critical pre-authentication RCE in Next.js applications to siphon credentials from cloud-native environments.
React2Shell campaign achieves industrial scale with NEXUS Listener command center Read More »
State-sponsored threat actors are bypassing endpoint security controls by compromising legacy network hardware to steal cloud authentication tokens. This campaign
Russian Forest Blizzard APT hijacks 18,000 routers to siphon Microsoft Office tokens Read More »
A critical supply chain compromise has impacted the official distribution site for @[CPUID](urn:li:organization:12345) utilities. Attackers successfully weaponized an internal API
CPUID API compromise leads to malware distribution via CPU-Z and HWMonitor Read More »
A critical remote code execution vulnerability has been identified in a legacy management component of Apache ActiveMQ Classic. Automated scanning
Decade-old Apache ActiveMQ RCE vulnerability targeted in mass scanning campaign Read More »
A sophisticated zero-day vulnerability in @[Adobe](urn:li:organization:1480) Reader is being weaponized in a targeted campaign that has remained active and undetected
Adobe Reader zero-day exploit used in targeted energy sector espionage since 2025 Read More »
Organizations have until the end of today to remediate a critical code injection vulnerability in a leading mobile management platform
Remediation deadline today for Ivanti EPMM code injection vulnerability in KEV Read More »
A sophisticated zero-day vulnerability in @[Adobe](urn:li:organization:1480) Reader is being leveraged in a targeted campaign that has remained undetected since at
Adobe Reader zero-day exploit used in months-long campaign targeting energy sector Read More »
A critical supply chain compromise has impacted the distribution infrastructure of the CPUID project. Attackers gained unauthorized access to an
Supply chain attack at CPUID pushes malware via poisoned CPU-Z installers Read More »
