exploited

The Future of AI Defense: Implementing Quantum-Resistant Cryptography for MCP

How Escape AI Pentesting Exploited SSRF in LiteLLM

AndyC 2 May 2026

The post How Escape AI Pentesting Exploited SSRF in LiteLLM appeared first on Escape – Application Security & Offensive Security...

CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure

AndyC 1 May 2026

CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure Pierluigi Paganini April 29, 2026 Attackers quickly exploited a critical LiteLLM...

Vendor News

Microsoft Confirms Windows Flaw Is Being Exploited After Incomplete Patch

AndyC 30 April 2026

Microsoft confirmed a Windows zero-click flaw tied to an incomplete patch is being exploited, putting credentials at risk for unpatched...

Microsoft Patch Tuesday for April 2026 fixed actively exploited SharePoint zero-day

AndyC 15 April 2026

Microsoft Patch Tuesday for April 2026 fixed actively exploited SharePoint zero-day Pierluigi Paganini April 15, 2026 Microsoft Patch Tuesday security...

U.S. CISA adds a flaw in Fortinet FortiClient EMS to its Known Exploited Vulnerabilities catalog

AndyC 8 April 2026

U.S. CISA adds a flaw in Fortinet FortiClient EMS to its Known Exploited Vulnerabilities catalog Pierluigi Paganini April 07, 2026...

Security Blogs

CVE-2026-35616: Fortinet fixes actively exploited high-severity flaw

AndyC 6 April 2026

CVE-2026-35616: Fortinet fixes actively exploited high-severity flaw Pierluigi Paganini April 06, 2026 Fortinet issued emergency patches for a critical FortiClient...

U.S. CISA adds a flaw in TrueConf Client to its Known Exploited Vulnerabilities catalog

AndyC 5 April 2026

U.S. CISA adds a flaw in TrueConf Client to its Known Exploited Vulnerabilities catalog Pierluigi Paganini April 04, 2026 The...

U.S. CISA adds a flaw in Google Dawn to its Known Exploited Vulnerabilities catalog

AndyC 2 April 2026

U.S. CISA adds a flaw in Google Dawn to its Known Exploited Vulnerabilities catalog Pierluigi Paganini April 01, 2026 The...

Google fixes fourth actively exploited Chrome zero-day of 2026

AndyC 2 April 2026

Google fixes fourth actively exploited Chrome zero-day of 2026 Pierluigi Paganini April 01, 2026 Google fixed a new Chrome zero-day,...

U.S. CISA adds a flaw in Citrix NetScaler to its Known Exploited Vulnerabilities catalog

AndyC 1 April 2026

U.S. CISA adds a flaw in Citrix NetScaler to its Known Exploited Vulnerabilities catalog Pierluigi Paganini March 31, 2026 The...

Security Blogs

exploited

How Escape AI Pentesting Exploited SSRF in LiteLLM

CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure

Microsoft Confirms Windows Flaw Is Being Exploited After Incomplete Patch

Microsoft Patch Tuesday for April 2026 fixed actively exploited SharePoint zero-day

U.S. CISA adds a flaw in Fortinet FortiClient EMS to its Known Exploited Vulnerabilities catalog

CVE-2026-35616: Fortinet fixes actively exploited high-severity flaw

U.S. CISA adds a flaw in TrueConf Client to its Known Exploited Vulnerabilities catalog

U.S. CISA adds a flaw in Google Dawn to its Known Exploited Vulnerabilities catalog

Google fixes fourth actively exploited Chrome zero-day of 2026

U.S. CISA adds a flaw in Citrix NetScaler to its Known Exploited Vulnerabilities catalog

Critical Fortinet FortiClient EMS flaw exploited for Remote Code Execution

U.S. CISA adds a flaw in F5 BIG-IP AMP to its Known Exploited Vulnerabilities catalog

U.S. CISA adds an Aquasecurity Trivy flaw to its Known Exploited Vulnerabilities catalog

U.S. CISA adds a Langflow flaw to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Apple, Laravel Livewire and Craft CMS flaws to its Known Exploited Vulnerabilities catalog

The calm before the ransom: What you see is not all there is

The calm before the ransom: What you see is not all there is

GopherWhisper: A burrow full of malware

GopherWhisper: A burrow full of malware

New NGate variant hides in a trojanized NFC payment app

New NGate variant hides in a trojanized NFC payment app

Donate Bitcoin to this address

Donate Ethereum to this address

Smashing Security podcast #467: How ShinyHunters hacked the world’s biggest universities

CISA Admin Leaked AWS GovCloud Keys on Github

Smashing Security podcast #467: How ShinyHunters hacked the world’s biggest universities

Smashing Security podcast #467: How ShinyHunters hacked the world’s biggest universities

Smashing Security podcast #467: How ShinyHunters hacked the world’s biggest universities

Donate Bitcoin to this address

Donate Ethereum to this address

You may have missed