CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...

PHANTOMPULSE spreads via Obsidian plugin abuse in REF6598 campaign, targeting finance and crypto users, bypassing AV controls ...

Four critical flaws were recently patched, and some AP versions are creating undeletable, growing files.

Escape is the best XBOW alternative for continuous AI pentesting across APIs, web apps, and complex authentication — with ...

A sophisticated wave of ransomware attacks has remained a threat to Nigerian government agencies and tier-1 financial ...

The little exploit that could.

This week in cybersecurity: 338 new CVEs published including 11 critical severity. 9 vulnerabilities added to CISA KEV catalog. Plus major developments in AI security, supply chain attacks, and ...

Splunk has disclosed a high-severity security flaw that can allow remote code execution in affected Splunk Enterprise and ...

Splunk has released patches that resolve high- and medium-severity vulnerabilities in Splunk Enterprise and MCP Server.

SAP has released 19 new security notes on its April 2026 security patch day, including one that resolves a critical-severity ...

A security researcher known as Chaotic Eclipse recently disclosed a vulnerability dubbed "Red Sun" affecting Microsoft ...

CISA warned U.S. government agencies to secure their systems against a Windows Task Host privilege escalation vulnerability ...