News
-
Critical WP Maps Pro Flaw Exploited to Create Admin Accounts
Read more: Critical WP Maps Pro Flaw Exploited to Create Admin AccountsCritical WP Maps Pro Flaw Exploited to Create Admin Accounts on WordPress Sites A critical WP Maps Pro flaw is now being actively exploited by attackers to create administrator accounts on vulnerable WordPress websites. The…
-
FortiClient EMS Vulnerability Exploited to Deploy EKZ Infostealer
Read more: FortiClient EMS Vulnerability Exploited to Deploy EKZ InfostealerFortiClient EMS Vulnerability Exploited to Deploy EKZ Infostealer A critical FortiClient EMS vulnerability has been exploited by threat actors to deliver a credential stealing malware known as EKZ Infostealer. The flaw is tracked as CVE-2026-35616.…
-
Gitea Vulnerability Exposes Private Images
Read more: Gitea Vulnerability Exposes Private ImagesGitea Vulnerability Exposes Private Container Images Without Authentication A serious Gitea vulnerability has raised concern for teams that use self hosted Git and container registry systems. The flaw, tracked as CVE 2026 27771, allowed unauthenticated…
-
Laravel Lang Supply Chain Attack
Read more: Laravel Lang Supply Chain AttackThe Laravel Lang supply chain attack has become an important warning for PHP and Laravel developers. In this incident, several community maintained Laravel Lang packages were compromised and used to deliver credential stealing malware. This…
-
Dirty Frag Vulnerability CVE-2026-43284 and CVE-2026-43500 Threaten Linux Systems
Read more: Dirty Frag Vulnerability CVE-2026-43284 and CVE-2026-43500 Threaten Linux SystemsA new Linux security issue called Dirty Frag is raising serious concerns in the cybersecurity community. The attack chain involves two vulnerabilities tracked as CVE-2026-43284 and CVE-2026-43500. Together, these flaws can allow a local attacker…
-
18-Year-Old NGINX Rewrite Module Flaw Could Allow Server Exploitation
Read more: 18-Year-Old NGINX Rewrite Module Flaw Could Allow Server ExploitationSecurity researchers have disclosed a critical vulnerability in the NGINX rewrite module that reportedly remained unnoticed for nearly 18 years. The flaw could allow attackers to exploit vulnerable NGINX servers through specially crafted requests, raising…
-
OpenAI Launches Daybreak for AI-Powered Cybersecurity Defense
Read more: OpenAI Launches Daybreak for AI-Powered Cybersecurity DefenseOpenAI has introduced a new cybersecurity initiative called Daybreak, a platform designed to strengthen AI-powered cyber defense capabilities. The launch reflects the growing role of artificial intelligence in helping organizations detect threats, analyze attacks, and…
-
cPanel Vulnerability CVE-2026-41940 Reportedly Under Active Exploitation
Read more: cPanel Vulnerability CVE-2026-41940 Reportedly Under Active ExploitationA newly disclosed cPanel vulnerability tracked as CVE-2026-41940 is reportedly being exploited in real-world attacks. The security issue has raised concerns because cPanel is widely used to manage web hosting servers and websites around the…
-
Google Chrome Reportedly Downloads AI Models Automatically, Raising Privacy Concerns
Read more: Google Chrome Reportedly Downloads AI Models Automatically, Raising Privacy ConcernsA new report says Google Chrome may quietly download a large AI model to some devices. In some cases, the download size can reach up to 4GB. As a result, many users worry about bandwidth…
-
Microsoft Confirms Active Exploitation of Windows Shell Vulnerability CVE-2026-32202
Read more: Microsoft Confirms Active Exploitation of Windows Shell Vulnerability CVE-2026-32202Microsoft has confirmed that attackers are actively exploiting a Windows Shell vulnerability tracked as CVE-2026-32202. The flaw was previously patched, but the company recently updated its advisory to state that real-world attacks have already been…