The Cybersecurity Trust Reality in 2026
When organizations select a cybersecurity vendor, they’re placing critical operational resilience — people, data, and revenue — into that supplier’s...
critical
Technical Advisory: Axios npm Supply Chain Attack – Cross-Platform RAT Deployed via Compromised Maintainer Account
| Active RAT | Malicious npm versions removed | Assess all systems that ran npm install during exposure window...
Critical Fortinet FortiClient EMS flaw exploited for Remote Code Execution
Critical Fortinet FortiClient EMS flaw exploited for Remote Code Execution Pierluigi Paganini March 30, 2026 Attackers are exploiting a critical...
Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug
Ravie LakshmananMar 28, 2026Vulnerability / Network Security A recently disclosed critical security flaw impacting Citrix NetScaler ADC and NetScaler Gateway...
CISA and BSI warn orgs of critical PTC Windchill and FlexPLM flaw
CISA and BSI warn orgs of critical PTC Windchill and FlexPLM flaw Pierluigi Paganini March 27, 2026 CISA warns of...
The Team PCP Snowball Effect: A Quantitative Analysis
The PCP Team's supply chain attacks compromised two critical components of the development ecosystem: AquaSecurity's trivy-action and the Python...
Citrix NetScaler critical flaw could leak data, update now
Citrix NetScaler critical flaw could leak data, update now Pierluigi Paganini March 24, 2026 Citrix warns of a critical NetScaler...
Oracle fixes critical RCE flaw CVE-2026-21992 in Identity Manager
Oracle fixes critical RCE flaw CVE-2026-21992 in Identity Manager Pierluigi Paganini March 22, 2026 Oracle fixed a critical severity flaw,...
Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager
Ravie LakshmananMar 21, 2026Vulnerability / Threat Intelligence Oracle has released security updates to address a critical security flaw impacting Identity...
Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure
A critical security flaw impacting Langflow has come under active exploitation within 20 hours of public disclosure, highlighting the speed...
Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover
Ravie LakshmananMar 20, 2026Web Security / Vulnerability Sansec is warning of a critical security flaw in Magento's REST API that...
Critical Ubiquiti UniFi UniFi security flaw allows potential account hijacking
Critical Ubiquiti UniFi UniFi security flaw allows potential account hijacking Pierluigi Paganini March 19, 2026 Ubiquiti fixed two UniFi vulnerabilities,...
PowerShell Is a Security Risk – Here’s How to Fix It
If you run a Windows environment, you already know how critical PowerShell is. It’s the backbone of modern administration, used for...
CVE-2026-3630: Critical Buffer Overflow in Delta Electronics COMMGR2 Enables Remote Code Execution
CVSS v3.1 base score of 9.8 (Critical) with vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, according to the CNA Delta Electronics COMMGR2 contains an...
Researchers warn of unpatched, critical Telnetd flaw affecting all versions
Researchers warn of unpatched, critical Telnetd flaw affecting all versions Pierluigi Paganini March 18, 2026 CVE-2026-32746 is a critical flaw...
