Windows Notepad Vulnerability Allows Attackers to Execute Code Remotely
Windows Notepad RCE Vulnerability Microsoft has patched a critical remote code execution (RCE) flaw in the Windows Notepad app, tracked as CVE-2026-20841, which could let…
Category: CyberSecurityNews
Windows Remote Desktop Services 0-Day Vulnerability Exploited in the Wild to Escalate Privileges
Windows Remote Desktop Services 0-Day Vulnerability Microsoft has patched CVE-2026-21533, a zero-day elevation of privilege vulnerability in Windows Remote Desktop Services (RDS) that attackers are…
TeamPCP Industrializes Cloud Misconfigurations Into a Self-Propagating Cybercrime Platform
TeamPCP, also known as PCPcat, ShellForce, and DeadCatx3, emerged in December 2025 as a sophisticated cloud-native threat actor targeting exposed Docker APIs, Kubernetes clusters, Ray…
SAP Security Patch Day – Critical Code Injection Vulnerability Fixed in SAP CRM and SAP S/4HANA
SAP Security Patch Day Fixed SAP CRM and SAP S/4HANA SAP’s February 2026 Security Patch Day delivered fixes that SAP urges customers to prioritize to…
Ivanti Endpoint Manager Vulnerability Lets Remote Attacker Leak Arbitrary Data
Multiple Ivanti Endpoint Manager Vulnerability Ivanti has released critical security updates for its Endpoint Manager (EPM) platform, addressing two newly discovered vulnerabilities that could enable…
Microsoft 365 Admin Center Outage Hits users in North America
Microsoft 365 Admin Center Outage Microsoft 365 administrators in North America are grappling with widespread access issues to the Microsoft 365 admin center, as confirmed…
Microsoft Patch Tuesday February 2026 – 54 Vulnerabilities Fixed, Including 6 Zero-days
Microsoft Patch Tuesday February 2026 Microsoft released its February 2026 Patch Tuesday updates on February 10, addressing 54 vulnerabilities, including six zero-days across Windows, Office,…
FortiOS Authentication Bypass Vulnerability Lets Attackers Bypass LDAP Authentication
FortiOS Authentication Bypass Vulnerability Fortinet has disclosed a high-severity authentication bypass vulnerability in FortiOS, tracked as CVE-2026-22153 (FG-IR-25-1052), that could allow unauthenticated attackers to sidestep…
FortiSandbox XSS Vulnerability Let Attackers Run Arbitrary Commands
FortiSandbox XSS Vulnerability Fortinet has disclosed a high-severity cross-site scripting (XSS) vulnerability in its FortiSandbox platform, tracked as CVE-2025-52436 (FG-IR-25-093), that enables unauthenticated attackers to…
Threat Hunting Is Critical to SOC Maturity but Often Misses Real Attacks
Threat Hunting Is Critical to SOC High-performing SOC teams are increasingly turning to sandbox-derived threat intelligence to make threat hunting repeatable and impactful. Tools like…
Hackers Weaponizing 7-Zip Downloads to Turn Your Home Computers into Proxy Nodes
A deceptive campaign targeting unsuspecting users has emerged, using a counterfeit version of the widely used 7-Zip file archiving software to silently transform home computers…
ILOVEPOOP Toolkit Exploiting React2Shell Vulnerability to Deploy Malicious Payload
The cybersecurity sector has been impacted by the sudden appearance of “React2Shell” (CVE-2025-55182), a critical vulnerability affecting Next.js and React Server Components. Following its public…