Imperva Threat Research

Imperva Customers Protected Against CVE-2026-41940 in cPanel & WHM

Imperva Customers Protected Against CVE-2026-41940 in cPanel & WHM

AndyC 1 May 2026

What is CVE-2026-41940? CVE-2026-41940 is a critical authentication bypass vulnerability affecting cPanel & WHM, including DNSOnly, in versions after 11.40....

Read More

Chrome, Vivaldi, and the challenge of changing browsers

React2DoS (CVE-2026-23869): When the Flight Protocol Crashes at Takeoff

AndyC 10 April 2026

Executive Summary In this article, we disclose a new high severity unauthenticated remote denial‑of‑service vulnerability we identified and reported...

Read More

N8N: Shared Credentials and Account Takeover

N8N: Shared Credentials and Account Takeover

AndyC 4 March 2026

Executive Summary We identified a security weakness in n8n’s credential management layer that could have completely compromised the application’s...

Read More

Imperva Customers Protected Against CVE-2026-21962 in Oracle HTTP and WebLogic

Imperva Customers Protected Against CVE-2026-21962 in Oracle HTTP and WebLogic

AndyC 27 January 2026

What Is CVE-2026-21962? CVE-2026-21962 is a critical (CVSS 10.0) vulnerability in the Oracle HTTP Server and the WebLogic Server Proxy...

Read More

This month in security with Tony Anscombe – May 2026 edition

This month in security with Tony Anscombe – May 2026 edition

AndyC 2 June 2026

In this roundup, Tony looks at attacks against Polish water treatment facilities, how AI-directed attacks failed in Mexico, and what Google believes is the first...

Read More

ESET APT Activity Report Q4 2025–Q1 2026

ESET APT Activity Report Q4 2025–Q1 2026

AndyC 2 June 2026

ESET ResearchThreat Reports An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q4 2025 and Q1 2026 Jean-Ian...

Read More

What to consider before asking an AI chatbot for health advice

What to consider before asking an AI chatbot for health advice

AndyC 2 June 2026

Using chatbots for medical advice could elicit hallucinations and even expose you to security and privacy risks. Here’s what’s at stake and how to stay...

Read More

BTMOB: A stealthy RAT burrowing deep into Android devices

BTMOB: A stealthy RAT burrowing deep into Android devices

AndyC 27 May 2026

The malware pairs remote access capabilities with ready-made campaign tools, lowering the barrier for full device compromise Daniel Cunha Barbosa 26 May 2026 • ,...

Read More

Foul play: Fake FIFA websites target soccer fans looking for World Cup tickets, merchandise

Foul play: Fake FIFA websites target soccer fans looking for World Cup tickets, merchandise

AndyC 26 May 2026

Digital Security Watch out for bogus World Cup websites that mimic official ticket and merchandise flows to steal money and personal data Christian Ali Bravo...

Read More

Foul play: Fake FIFA websites target soccer fans looking for World Cup tickets, merchandise

Foul play: Fake FIFA websites target soccer fans looking for World Cup tickets, merchandise

AndyC 26 May 2026

Digital Security Watch out for bogus World Cup websites that mimic official ticket and merchandise flows to steal money and personal data Christian Ali Bravo...

Read More

Why an HP Poly VoIP Phones Bug Could Become an Enterprise Foothold

Why an HP Poly VoIP Phones Bug Could Become an Enterprise Foothold

AndyC 3 June 2026

Enterprise Spotlight: Rethinking cloud strategy in the age of AI

Welcoming the Philippine Government to Have I Been Pwned

AndyC 3 June 2026

Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content

Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content

AndyC 3 June 2026

Pointing a Cursor at evading detection

Pointing a Cursor at evading detection

AndyC 3 June 2026

The AI Exchange: Innovators in Payment Security Featuring In-Solutions Global Ltd

The AI Exchange: Innovators in Payment Security Featuring In-Solutions Global Ltd

AndyC 3 June 2026