Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution
Ravie LakshmananJan 28, 2026Vulnerability / Open Source A critical sandbox escape vulnerability has been disclosed in the popular vm2 Node.js...
critical
Pwn2Own: Researchers Earn $1 Million for 76 Zero-Days
Discovering critical vulnerabilities across connected vehicles, EV chargers, and automotive systems As connected cars proliferate worldwide, data security for vehicles...
Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas
Ravie LakshmananJan 27, 2026Vulnerability / Cloud Security A critical security flaw has been disclosed in Grist‑Core, an open-source, self-hosted version...
Imperva Customers Protected Against CVE-2026-21962 in Oracle HTTP and WebLogic
What Is CVE-2026-21962? CVE-2026-21962 is a critical (CVSS 10.0) vulnerability in the Oracle HTTP Server and the WebLogic Server Proxy...
New DynoWiper Malware Used in Attempted Sandworm Attack on Polish Power Sector
Ravie LakshmananJan 24, 2026Malware / Critical Infrastructure The Russian nation-state hacking group known as Sandworm has been attributed to what...
11-Year-Old critical telnetd flaw found in GNU InetUtils (CVE-2026-24061)
11-Year-Old critical telnetd flaw found in GNU InetUtils (CVE-2026-24061) Pierluigi Paganini January 24, 2026 Critical telnetd flaw CVE-2026-24061 (CVSS 9.8)...
Agentic AI Exposes New Cybersecurity Risks for Enterprises
A new era of digital finance is emerging as the intersection of artificial intelligence and cybersecurity becomes increasingly critical. In...
Critical SmarterMail vulnerability under attack, no CVE yet
Critical SmarterMail vulnerability under attack, no CVE yet Pierluigi Paganini January 22, 2026 A SmarterMail flaw (WT-2026-0001) is under active...
Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access
Ravie LakshmananJan 22, 2026Vulnerability / Linux A critical security flaw has been disclosed in the GNU InetUtils telnet daemon (telnetd)...
Zoom and GitLab Patch RCE, DoS, and 2FA Bypass Vulnerabilities
Image: Unsplash Two of the world’s most critical business platforms just dropped emergency security patches that could prevent complete network...
Zoom fixed critical Node Multimedia Routers flaw
Zoom fixed critical Node Multimedia Routers flaw Pierluigi Paganini January 21, 2026 Zoom addressed a critical security vulnerability, tracked as...
New iOS and iPadOS Flaws Leave Millions of iPhones at Risk
Image: Amanz/Unsplash No clicks. No warnings. Full device access. Apple confirmed two critical WebKit vulnerabilities affecting millions of iPhones and...
Critical TP-Link VIGI camera flaw allowed remote takeover of surveillance systems
Critical TP-Link VIGI camera flaw allowed remote takeover of surveillance systems Pierluigi Paganini January 20, 2026 TP-Link fixed a critical...
