Splunk Enterprise for Windows Flaw Enables DLL Hijacking, SYSTEM Access
A serious flaw in Splunk Enterprise for Windows that lets low-privileged users hijack DLL loading and escalate to SYSTEM-level access. Tracked as CVE-2026-20140, this local…
A serious flaw in Splunk Enterprise for Windows that lets low-privileged users hijack DLL loading and escalate to SYSTEM-level access. Tracked as CVE-2026-20140, this local…
Feb. 20, 2026 – Advantest Corporation, a top supplier of semiconductor test equipment, revealed it is battling a ransomware attack that struck its network last…
A cache deception vulnerability in SvelteKit apps deployed on Vercel exposes sensitive user data to attackers. The flaw allows publicly cached responses to be authenticated.…
Serious vulnerabilities in four popular Visual Studio Code (VS Code) extensions, affecting over 128 million downloads. These flaws, including three assigned CVEs CVE-2025-65715, CVE-2025-65716, and…
Anthropic has quietly flipped the script on application security. On February 20, the company launched Claude Code Security, a new capability baked directly into Claude Code…
A popular open-source automation server used by developers worldwide to build, test, and deploy software faces serious security risks from recent flaws. On February 18,…
Federal authorities arrested three Silicon Valley engineers on Thursday, charging them with conspiring to steal trade secrets from Google and other tech giants. The case…
PayPal has begun notifying a small number of customers about a significant cybersecurity incident in which their personally identifiable information (PII) was exposed for nearly…
Google has revealed that it blocked more than 1.75 million malicious or policy‑violating Android apps from reaching users through the Play Store in 2025, highlighting…
A critical unauthenticated stack-based buffer overflow vulnerability, tracked as CVE-2026-2329, affecting Grandstream GXP1600 series VoIP phones. The vulnerability, rated as critical with a CVSS score of 9.8, allows remote attackers…
CharlieKirk Grabber is a Python-based Windows infostealer that focuses on rapid “smash‑and‑grab” credential theft and data exfiltration rather than long-term system control or destructive behavior.…
Ploutus malware is powering a new wave of “jackpotting” attacks that drain U.S. ATMs without needing a bank card, customer account, or bank authorization, prompting…