Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root
Ravie LakshmananJun 24, 2026Vulnerability / Network Security Threat actors have begun to exploit a recently disclosed critical security flaw impacting...
recently
Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys
Ravie LakshmananJun 20, 2026Vulnerability / Web Security Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a...
PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation
Ravie LakshmananMay 30, 2026Vulnerability / Network Security Palo Alto Networks has warned that a recently disclosed medium-severity security flaw impacting...
Why AMOS matters: The macOS malware stealing data at scale
Sophos Managed Detection and Response (MDR) teams recently responded to a customer incident involving an infostealer infection on a macOS...
Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks
Ravie LakshmananMay 25, 2026Vulnerability / Web Security Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS...
DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability
Proof-of-concept (PoC) exploit code has now been released for a recently patched security flaw in the Linux kernel that could...
MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems
Ravie LakshmananMay 18, 2026Zero Day / Vulnerability Chaotic Eclipse, the security researcher behind the recently disclosed Windows flaws, YellowKey and...
Why AMOS matters: The macOS malware stealing data at scale
Sophos Managed Detection and Response (MDR) teams recently responded to a customer incident involving an infostealer infection on a macOS...
Your AI Agents Are Already Inside the Perimeter. Do You Know What They’re Doing?
Analysts recently confirmed what identity security teams have quietly feared: AI agents are being deployed faster than enterprises can govern...
AI Agents, Security Culture and a Conversation at Abbey Road Studios
I recently joined a panel at the iconic Abbey Road Studios to discuss a provocative theme: Your AI agent doesn’t...
Apple Fixes iPhone Bug After FBI Retrieved Signal Messages
Image: Bangyu Wang/Unsplash Apple has just fixed a bug that recently enabled the FBI to retrieve notification messages from a...
Apple Fixes iPhone Bug After FBI Retrieved Signal Messages
Image: Bangyu Wang/Unsplash Apple has just fixed a bug that recently enabled the FBI to retrieve notification messages from a...
Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
Ravie LakshmananApr 17, 2026Vulnerability / Enterprise Security A recently disclosed high-severity security flaw in Apache ActiveMQ Classic has come under active...
Cargo thieving hackers running sophisticated remote access campaigns, researchers find
Security researchers recently spent a month getting a first-hand look at the activity of cybercriminals targeting the trucking and logistics...
Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover
Ravie LakshmananApr 15, 2026Web Security / Vulnerability A recently disclosed critical security flaw impacting nginx-ui, an open-source, web-based Nginx management...
