Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape
Ravie LakshmananApr 22, 2026Vulnerability / Container Security A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium...
critical
SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files
Ravie LakshmananApr 20, 2026Open Source / Server Security A critical security vulnerability has been disclosed in SGLang that, if successfully...
Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain
Ravie LakshmananApr 20, 2026Artificial Intelligence / Vulnerability Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context...
Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution
Ravie LakshmananApr 16, 2026Vulnerability / Network Security Cisco has announced patches to address four critical security flaws impacting Identity Services...
Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover
Ravie LakshmananApr 15, 2026Web Security / Vulnerability A recently disclosed critical security flaw impacting nginx-ui, an open-source, web-based Nginx management...
April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More
Ravie LakshmananApr 15, 2026Vulnerability / Data Breach A number of critical vulnerabilities impacting products from Adobe, Fortinet, Microsoft, and SAP have...
Adobe Issues Emergency Patch for Critical PDF Flaw Exploited For Months
Image: Generated via Google’s Nano Banana Adobe rushed an emergency patch for a critical flaw under active attack. Discovered by...
Enterprise Security for Your Brand’s YouTube Channel
For many businesses, a YouTube channel is far more than a video-sharing platform. It is a critical marketing asset, a...
ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers
Ravie LakshmananApr 14, 2026Vulnerability / Network Security A critical security vulnerability impacting ShowDoc, a document management and collaboration service popular in...
Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621
Ravie LakshmananApr 12, 2026Vulnerability / Endpoint Security Adobe has released emergency updates to fix a critical security flaw in Acrobat...
Microsoft: Third-Party Android Vulnerability Leaves Over 50M Users Exposed
Image: ChatGPT A critical Android software development kit (SDK) flaw has turned a utility tool into a malware bridge, gaining...
AI Expansion, Security Crises, and Workforce Upheaval Define This Week in Tech
Image: Generated via ChatGPT From multimodal AI launches and trillion-dollar infrastructure bets to critical zero-days and a fresh wave of...
Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
Ravie LakshmananApr 10, 2026Vulnerability / Threat Intelligence A critical security vulnerability in Marimo, an open-source Python notebook for data science and...
U.S. agencies alert: Iran-linked actors target critical infrastructure PLCs
U.S. agencies alert: Iran-linked actors target critical infrastructure PLCs Pierluigi Paganini April 08, 2026 U.S. agencies warn Iran-linked threat actors...
Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs
Iran-affiliated cyber actors are targeting internet-facing operational technology (OT) devices across critical infrastructures in the U.S., including programmable logic controllers...
