CISA Adds Actively Exploited ConnectWise and Windows Flaws to KEV
Ravie LakshmananApr 29, 2026Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security...
Hacking
Category Added in a WPeMatico Campaign
LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure
Ravie LakshmananApr 29, 2026Vulnerability / Cloud Security In yet another instance of threat actors quickly jumping on the exploitation bandwagon,...
Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push
Ravie LakshmananApr 28, 2026Vulnerability / Software Security Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and...
Brazilian LofyGang Resurfaces After Three Years With Minecraft LofyStealer Campaign
A cybercrime group of Brazilian origin has resurfaced after more than three years to orchestrate a campaign that targets Minecraft...
VECT 2.0 Ransomware Irreversibly Destroys Files Over 131KB on Windows, Linux, ESXi
Threat hunters are warning that the cybercriminal operation known as VECT 2.0 acts more like a wiper than a ransomware...
Why Secure Data Movement Is the Zero Trust Bottleneck Nobody Talks About
Every security program is betting on the same assumption: once a system is connected, the problem is solved. Open a...
Why Secure Data Movement Is the Zero Trust Bottleneck Nobody Talks About
Every security program is betting on the same assumption: once a system is connected, the problem is solved. Open a...
Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE
Ravie LakshmananApr 28, 2026Vulnerability / Network Security Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot, Hugging...
Critical Unpatched Flaw Leaves Hugging Face LeRobot Open to Unauthenticated RCE
Ravie LakshmananApr 28, 2026Vulnerability / Network Security Cybersecurity researchers have disclosed details of a critical security flaw impacting LeRobot, Hugging...
After Mythos: New Playbooks For a Zero-Window Era
When patching isn’t fast enough, NDR helps contain the next era of threats. If you’ve been tracking advancements in AI,...
After Mythos: New Playbooks For a Zero-Window Era
When patching isn’t fast enough, NDR helps contain the next era of threats. If you’ve been tracking advancements in AI,...
Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks
Ravie LakshmananApr 28, 2026Cyber Espionage / Vulnerability A Chinese national accused of being a member of the Silk Typhoon hacking...
Chinese Silk Typhoon Hacker Extradited to U.S. Over COVID Research Cyberattacks
Ravie LakshmananApr 28, 2026Cyber Espionage / Vulnerability A Chinese national accused of being a member of the Silk Typhoon hacking...
Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover
Ravie LakshmananApr 28, 2026Vulnerability / Identity Management An administrative role meant for artificial intelligence (AI) agents within Microsoft Entra ID...
Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202
Ravie LakshmananApr 28, 2026Vulnerability / Threat Intelligence Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting...
