AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs
Swati KhandelwalJun 06, 2026Vulnerability / Endpoint Security Two things landed within days of each other this week. A security startup...
2026Vulnerability
Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available
Ravie LakshmananJun 06, 2026Vulnerability / Network Security Cisco has warned that a high-severity security flaw impacting Catalyst SD-WAN Manager has...
Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public
Swati KhandelwalJun 04, 2026Vulnerability / Network Security Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated...
Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
Swati KhandelwalJun 04, 2026Vulnerability / AI Security A security researcher found a flaw in Anthropic's Claude Code GitHub Action that...
WhatsApp, Slack Notifications Could Hijack Google Gemini on Android
Swati KhandelwalJun 03, 2026Vulnerability / Artificial Intelligence A single poisoned notification from WhatsApp, Slack, SMS, Signal, Instagram, or Messenger could...
One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens
Ravie LakshmananJun 03, 2026Vulnerability / Software Development Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS...
Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes
Ravie LakshmananJun 03, 2026Vulnerability / Network Security Cybersecurity researchers have disclosed details of an unpatched issue that could be exploited...
New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare
Ravie LakshmananJun 03, 2026Vulnerability / Server Security Cybersecurity researchers have discovered a remote denial-of-service exploit that affects major web servers,...
Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited
Ravie LakshmananJun 02, 2026Vulnerability / Mobile Security Google on Monday released patches for 124 security vulnerabilities impacting its Android operating...
Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation
Ravie LakshmananJun 02, 2026Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity...
Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts
Ravie LakshmananJun 01, 2026Vulnerability / Website Security, Threat actors are attempting to actively exploit a critical security flaw impacting WP...
PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation
Ravie LakshmananMay 30, 2026Vulnerability / Network Security Palo Alto Networks has warned that a recently disclosed medium-severity security flaw impacting...
Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit
Ravie LakshmananMay 29, 2026Vulnerability / Artificial Intelligence An unknown threat actor has been observed using a large language model (LLM)...
Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code
Ravie LakshmananMay 28, 2026Vulnerability / Open Source A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted...
Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer
Ravie LakshmananMay 28, 2026Vulnerability / Endpoint Security Threat actors are continuing to exploit a critical, now-patched security flaw impacting FortiClient...
