CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day Pierluigi Paganini May 15, 2026 Microsoft warned that attackers are exploiting a new Exchange Server zero-day…
Researchers discovered the authentication bypass vulnerability while investigating a prior issue in the same service. Source link
Attackers returned once again to a common target with a massive user base by exploiting a max-severity zero-day vulnerability affecting Cisco Catalyst SD-WAN Controller and…
Executive Summary This article examines new obfuscation techniques the Gremlin stealer malware uses to conceal malicious payloads within embedded resources. We analyze a variant protected…
“A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an…
Researchers at Darktrace disclosed a China-linked cyberespionage campaign targeting organizations primarily across the Asia-Pacific and Japan region using an updated version of the FDMTP backdoor…
The U.S. National Institute of Standards and Technology advanced nine digital signature algorithms to the third round of its additional post-quantum cryptography standardization effort, as…
The first alerts showed up on February 19. Then again, on February 24. Initially, it was just small blips in a sea of alerts. The…
In recent months, a new infostealer malware known as REMUS has emerged across the cybercrime landscape, drawing attention from security researchers and malware analysts. Several…
Pwn2Own Berlin 2026 opened with a surge of zero-day exploits targeting modern browsers, operating systems, and emerging AI platforms. On Day One alone, security researchers…
IT subcontractors have spent years preparing for cyberattacks. Data breaches, ransomware and supply chain vulnerabilities all remain constant threats. But in 2026, a different problem…
Gunra ransomware is rapidly evolving into a more structured and dangerous cybercrime operation after shifting from a Conti-based locker to its own Ransomware-as-a-Service (RaaS) model.…
