flaw

Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas

Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas

AndyC 28 January 2026

Ravie LakshmananJan 27, 2026Vulnerability / Cloud Security A critical security flaw has been disclosed in Grist‑Core, an open-source, self-hosted version...

Read More

ISO 27001:2013 vs 2022 – A Quick Comparison Guide

U.S. CISA adds a flaw in Broadcom VMware vCenter Server to its Known Exploited Vulnerabilities catalog

AndyC 25 January 2026

U.S. CISA adds a flaw in Broadcom VMware vCenter Server to its Known Exploited Vulnerabilities catalog Pierluigi Paganini January 24,...

Read More

11-Year-Old critical telnetd flaw found in GNU InetUtils (CVE-2026-24061)

11-Year-Old critical telnetd flaw found in GNU InetUtils (CVE-2026-24061)

AndyC 24 January 2026

11-Year-Old critical telnetd flaw found in GNU InetUtils (CVE-2026-24061) Pierluigi Paganini January 24, 2026 Critical telnetd flaw CVE-2026-24061 (CVSS 9.8)...

Read More

Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access

Critical GNU InetUtils telnetd Flaw Lets Attackers Bypass Login and Gain Root Access

AndyC 23 January 2026

Ravie LakshmananJan 22, 2026Vulnerability / Linux A critical security flaw has been disclosed in the GNU InetUtils telnet daemon (telnetd)...

Read More

U.S. CISA adds a flaw in Cisco Unified Communications products to its Known Exploited Vulnerabilities catalog

U.S. CISA adds a flaw in Cisco Unified Communications products to its Known Exploited Vulnerabilities catalog

AndyC 23 January 2026

U.S. CISA adds a flaw in Cisco Unified Communications products to its Known Exploited Vulnerabilities catalog Pierluigi Paganini January 22,...

Read More

SmarterMail Auth Bypass Exploited in the Wild Two Days After Patch Release

SmarterMail Auth Bypass Exploited in the Wild Two Days After Patch Release

AndyC 23 January 2026

Ravie LakshmananJan 22, 2026Vulnerability / Email Security A new security flaw in SmarterTools SmarterMail email software has come under active...

Read More

Security Blogs

Zoom fixed critical Node Multimedia Routers flaw

AndyC 22 January 2026

Zoom fixed critical Node Multimedia Routers flaw Pierluigi Paganini January 21, 2026 Zoom addressed a critical security vulnerability, tracked as...

Read More

ISO 27001:2013 vs 2022 – A Quick Comparison Guide

ACME flaw in Cloudflare allowed attackers to reach origin servers

AndyC 22 January 2026

ACME flaw in Cloudflare allowed attackers to reach origin servers Pierluigi Paganini January 21, 2026 Cloudflare fixed a flaw in...

Read More

Critical TP-Link VIGI camera flaw allowed remote takeover of surveillance systems

Critical TP-Link VIGI camera flaw allowed remote takeover of surveillance systems

AndyC 21 January 2026

Critical TP-Link VIGI camera flaw allowed remote takeover of surveillance systems Pierluigi Paganini January 20, 2026 TP-Link fixed a critical...

Read More

Google Gemini Flaw Let Attackers Access Private Calendar Data

Google Gemini Flaw Let Attackers Access Private Calendar Data

AndyC 21 January 2026

Image: Freepik Security researchers have revealed a flaw in Google’s Gemini AI assistant that allowed attackers to quietly pull private...

Read More

Face value: What it takes to fool facial recognition

Face value: What it takes to fool facial recognition

AndyC 14 March 2026

ESET’s Jake Moore used smart glasses, deepfakes and face swaps to ‘hack’ widely-used facial recognition systems – and he'll demo it all at RSAC 2026...

Read More

Cyber fallout from the Iran war: What to have on your radar

Cyber fallout from the Iran war: What to have on your radar

AndyC 13 March 2026

The war in Iran was less than 24 hours old when it produced a historic first: the deliberate targeting of commercial data centers. On March...

Read More

Sednit reloaded: Back in the trenches

Sednit reloaded: Back in the trenches

AndyC 11 March 2026

Since April 2024, Sednit’s advanced development team has reemerged with a modern toolkit centered on two paired implants, BeardShell and Covenant, each using a different...

Read More

What cybersecurity actually does for your business

What cybersecurity actually does for your business

AndyC 7 March 2026

Business Security The ability to continue operating safely in an unsafe environment where competitors cannot is a competitive advantage that is rarely measured or discussed...

Read More

How SMBs use threat research and MDR to build a defensive edge

How SMBs use threat research and MDR to build a defensive edge

AndyC 6 March 2026

Corporate IT and security teams have the unenviable task of keeping relentless and increasingly sophisticated adversaries at bay. They’re often faced with limited resources and...

Read More

Protecting education: How MDR can tip the balance in favor of schools

Protecting education: How MDR can tip the balance in favor of schools

AndyC 5 March 2026

Business Security The education sector is notoriously short on cash, but rich in assets for threat actors to target. How can managed detection and response...

Read More

Researchers warn of unpatched, critical Telnetd flaw affecting all versions

Researchers warn of unpatched, critical Telnetd flaw affecting all versions

AndyC 19 March 2026

Menlo Security Adds Platform to Secure AI Agents

Menlo Security Adds Platform to Secure AI Agents

AndyC 19 March 2026

Randall Munroe’s XKCD ‘SNEWS’

Randall Munroe’s XKCD ‘SNEWS’

AndyC 19 March 2026

How to Implement Just-in-Time (JIT) User Provisioning with SSO and SCIM

How to Implement Just-in-Time (JIT) User Provisioning with SSO and SCIM

AndyC 19 March 2026

Everyone Is Deploying AI Agents. Almost Nobody Knows What They’re Doing.

Everyone Is Deploying AI Agents. Almost Nobody Knows What They’re Doing.

AndyC 19 March 2026