RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN
A vulnerability in GitHub Codespaces could have been exploited by bad actors to seize control of repositories by injecting malicious...
The global vulnerability landscape continues to expand rapidly, with thousands of new CVEs published every year. Thus, allowing hackers...
Ravie Lakshmanan, Feb 18, 2026 (Zero-Day / Vulnerability): A maximum severity security vulnerability in Dell RecoverPoint for Virtual Machines has been exploited...
A critical vulnerability in the WPvivid Backup & Migration WordPress plugin allows unauthenticated attackers to upload and execute arbitrary PHP files...
Nisos: Digital Hygiene for High-Profile Individuals. In an era of constant connectivity, digital vulnerability isn’t limited to corporate executives. Any...
Microsoft has patched a vulnerability in the Windows Remote Access Connection Manager (RasMan) service that was being exploited...
Ravie Lakshmanan, Feb 05, 2026 (Workflow Automation / Vulnerability): A new, critical security vulnerability has been disclosed in the n8n workflow automation...
Security researchers from cloud cybersecurity firm Wiz disclosed a critical vulnerability in Moltbook, a newly launched social network designed for...
Snir Ben Shimol, CEO and co-founder of Zest Security, talks about why vulnerability and exposure management has become one of...
A wireless vulnerability affecting Broadcom Wi-Fi chipsets represents a timely warning for organizations that need always-on wireless access and a prime example of how...
In episode 452, a London-based YouTuber wins a landmark court case against Saudi Arabia after his phone was hacked with...
Ravie Lakshmanan, Jan 28, 2026 (Vulnerability / Open Source): A critical sandbox escape vulnerability has been disclosed in the popular vm2 Node.js...
What Is CVE-2026-21962? CVE-2026-21962 is a critical (CVSS 10.0) vulnerability in the Oracle HTTP Server and the WebLogic Server Proxy...
Critical SmarterMail vulnerability under attack, no CVE yet. Pierluigi Paganini, January 22, 2026. A SmarterMail flaw (WT-2026-0001) is under active...
In episode 451 of “Smashing Security,” we meet the cybercriminal who hacked the US Supreme Court, Veterans Affairs, and more...