Over half of Magento stores subjected to PolyShell intrusions
Intrusions harnessing the PolyShell exploit impacting Adobe Commerce and Magento Open Source instances have already compromised 56.7% of all vulnerable e-com...
Vulnerability Disclosure
20 articles
AI Becomes the Top Cybersecurity Priority for Defenders as Criminals Exploit It, PwC Warns
PwC Annual Threat Dynamics report says AI-threats are the biggest concern of clients
Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website
Cybersecurity researchers have disclosed a vulnerability in Anthropic's Claude Google Chrome Extension that could have been exploited to trigger malicious pr...
Coruna iOS exploit framework linked to Triangulation attacks
The Coruna exploit kit is an evolution of the framework used in the Operation Triangulation espionage campaign, which in 2023 targeted iPhones via zero-click...
Cisco Patches Multiple Vulnerabilities in IOS Software
The high- and medium-severity flaws could lead to denial-of-service, secure boot bypass, information disclosure, and privilege escalation. The post Cisco Pat...
ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories
Some weeks in security feel loud. This one feels sneaky.
Critical NVIDIA Vulnerabilities Risk Remote Code Execution and Denial-of-Service Attacks
NVIDIA has recently published its March 2026 security bulletins, addressing a wave of newly discovered vulnerabilities across its hardware and software ecosy...
Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in New Mass Attacks
The kernel exploit for two security vulnerabilities used in the recently uncovered Apple iOS exploit kit known as Coruna is an updated version of the same ex...
Synology DiskStation Manager Vulnerability Puts Users at Risk of Remote Command Execution Attacks
Synology has issued an urgent security update for its DiskStation Manager (DSM) software to address a critical vulnerability. If left unpatched, this flaw co...
Quantro Security's Mehul Revankar on AI agents for vulnerability management
Mehul Revankar discusses Quantro Security, Inc., and its approach to AI-aided defense.
GitHub adds AI-powered bug detection to expand security coverage
GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static analysis and cover more languages...
PolyShell attacks target 56% of all vulnerable Magento stores
Attacks leveraging the 'PolyShell' vulnerability in version 2 of Magento Open Source and Adobe Commerce installations are underway, targeting more than half ...
CISA's acting chief warns shutdown is increasing cyber risks, causing resignations
With CISA’s reduced capacity during the shutdown, Andersen said, the agency is largely limited to responding to imminent threats, protecting life and propert...
Critical PTC Windchill, FlexPLM vulnerability poses RCE risk
U.S.
AI, funding concerns threaten future of CVE program
The Common Vulnerabilities and Exposures program was noted by Intel Product Security Incident Response Team Director Katie Noble, who is a board member for t...
Cisco IOS XE Software Denial of Service Vulnerability
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected ...
Cisco IOS XE Software Secure Channel for Meraki Information Disclosure Vulnerability
A vulnerability in Cisco IOS XE Software for Cisco Meraki could allow a remote, unauthenticated attacker to view confidential device information. This vulner...
Cisco IOx Application Hosting Environment Carriage Return Line Feed Injection Vulnerability
A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an unauthenticated, remo...
Cisco IOS XE Software Secure Copy Protocol Server Denial of Service Vulnerability
A vulnerability in the Secure Copy Protocol (SCP) server feature of Cisco IOS XE Software could allow an authenticated, local attacker with low privileges to...
Cisco IOS XE Software for Catalyst 9000 Series Switches DHCP Snooping Denial of Service Vulnerability
A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause BOOTP packets to be forwarded ...