Vulnerabilities Dashlane Reports Brute-Force Attack Affecting Encrypted Vaults of Under 20 Users Password manager Dashlane has disclosed a brute-force attack targeting two-factor authentication, resulting in encrypted vault downloads for fewer... Thirumala Rao Padilam June 2, 2026
Vulnerabilities Active Exploitation of PAN-OS GlobalProtect Authentication Bypass Vulnerability (CVE-2026-0257) Palo Alto Networks has disclosed an authentication bypass vulnerability in PAN-OS and Prisma Access that is actively exploited... Thirumala Rao Padilam May 30, 2026
Threat Intelligence JINX-0164 Targets Cryptocurrency Firms with Fake Recruiter Lures and macOS Malware A new threat actor named JINX-0164 employs recruitment-themed social engineering and custom macOS malware to target cryptocurrency firms,... Thirumala Rao Padilam May 28, 2026
Vulnerabilities Ghost CMS SQL Injection Vulnerability Exploited in Widespread ClickFix Campaign A critical SQL injection flaw in Ghost CMS is actively exploited in a large-scale campaign to inject malicious... Thirumala Rao Padilam May 24, 2026
Vulnerabilities Cisco Patches Critical CVSS 10.0 Vulnerability in Secure Workload’s REST API Cisco releases a security update addressing a critical vulnerability (CVE-2026-20223) in Secure Workload that allows unauthenticated attackers to... Thirumala Rao Padilam May 22, 2026
Vulnerabilities CISA Adds Actively Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV Catalog CISA has included two critical vulnerabilities affecting Langflow and Trend Micro Apex One in its Known Exploited Vulnerabilities... Thirumala Rao Padilam May 22, 2026
Vulnerabilities CISA Updates Known Exploited Vulnerabilities Catalog with New Nomination Form CISA has enhanced its Known Exploited Vulnerabilities Catalog by adding a new nomination form to facilitate reporting and... Thirumala Rao Padilam May 21, 2026
Vulnerabilities Critical Vulnerability in ChromaDB Python FastAPI Enables Remote Code Execution A maximum severity flaw in the latest Python FastAPI implementation of ChromaDB exposes servers to unauthenticated remote code... Thirumala Rao Padilam May 20, 2026
Vulnerabilities New Windows ‘MiniPlasma’ Zero-Day Exploit Enables SYSTEM Privilege Escalation A newly disclosed Windows zero-day privilege escalation vulnerability, called MiniPlasma, allows attackers to gain SYSTEM-level access on fully... Thirumala Rao Padilam May 18, 2026
Vulnerabilities Researchers Earn Over $1.2 Million for Exploiting 47 Zero-Days at Pwn2Own Berlin 2026 The Pwn2Own Berlin 2026 contest ended with hackers exploiting 47 zero-day vulnerabilities, earning a total of $1,298,250 in... Thirumala Rao Padilam May 18, 2026