Cisco SD-WAN Security Flaw Actively Exploited for Root-Level Command Execution
Cisco has disclosed a high-severity vulnerability in its Catalyst SD-WAN Manager that is actively being exploited in the wild, allowing attackers to execute ...
Threat Intelligence Feed
Aggregating 5517 articles from trusted cybersecurity sources
Latest News
The Evil MSI Background is Back!, (Fri, Jun 5th)
A few months ago, I wrote a diary about a payload that was embedded into a JPEG picture. It was a MSI-branded background[1].
Let’s Encrypt Introduces Merkle Tree Certificates for Post-Quantum Web Security
Let’s Encrypt has unveiled a new approach to securing the web against future quantum threats: Merkle Tree Certificates (MTCs), a post-quantum–ready certifica...
June 2026 Patch Tuesday forecast: Where are the CVEs?
My forecast from last month was only partly right. After the Anthropic Mythos announcements and the deluge of newly discovered vulnerabilities from vendors l...
Malicious Python Package Mimics Parsimonious Parser
A sophisticated typosquatting attack targeting Python developers through a malicious package named “parsimonius” on the Python Package Index (PyPI). The rogu...
Cisco warns of unpatched SD-WAN zero-day exploited in attacks
On Thursday, Cisco warned of a high-severity, unpatched zero-day in the Cisco Catalyst SD-WAN Manager (tracked as CVE-2026-20245) actively exploited in attac...
AgentGG: Open-source agentic SAST scanner
Static analysis tools have spent years matching source code against known-bad patterns and handing engineers long lists of candidate issues to triage by hand...
Chinese APT VerdantBamboo Targets Appliances with BRICKSTORM Malware
BRICKSTORM is a modular remote access trojan (RAT) originally seen in Golang and later in Rust. It uses a wssoft library with pluggable “tasks” for shell com...
Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026
The vulnerability is tracked as CVE-2026-20245 and it can allow arbitrary command execution as root, but no patch yet. The post Cisco Warns of 7th SD-WAN Zer...
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Covert SMTP Relay Network
The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services (AWS), Google Cloud, and Microsoft Azure to create a covert ...
Thieves can pull off keyless car theft in under a minute and here’s how to stop them
A keyless car can be stolen in under a minute. Two people, a pair of cheap radio amplifiers, and a fob sitting on a hallway table inside the house.
Microsoft Edge Vulnerability Lets Remote Attackers Execute Arbitrary Code
Microsoft has disclosed three critical vulnerabilities in its Edge browser, all discovered during the Pwn2Own competition and reported by security researcher...
Data Breaches
Klue OAuth breach victim list grows as Icarus hackers claim attack
Market intelligence platform Klue has publicly confirmed a recent security incident that allowed threat actors to steal OAuth tokens used to connect to custo...
Texas govt data breach exposes over 3 million driver’s licenses
The Texas Parks and Wildlife Department (TPWD) disclosed a data breach at its license system vendor that exposed personal information for more than three mil...
The Good, the Bad and the Ugly in Cybersecurity – Week 25
FBI dismantles extensive PhaaS, DragonForce ransomware abuses MS Teams relays, and PRC-based spies breach REDCap servers to steal research data.
Klue breach lead to Salesforce data theft, Huntress affected
Cybersecurity vendor Huntress was among multiple companies hit by a breach originating at Klue, a market intelligence platform used to integrate CRM and sale...
From Assistive to Agentic: The AI Shift That's Redefining Threat Management
Introduction The average enterprise security team has 40 or more security tools, giving a lot of visibility into internal telemetry and asset data. But often...
CISA warns Fortinet users to secure devices after FortiBleed leak
The U.S.
24 Billion Stolen Credentials Exposed in Massive Data Leak
24 Billion Records Left Open Online: Passwords, Emails, and Everything Else Exposed database with 24 Billion records revealed stolen credentials from infoste...
Companies are discarding the logs they need to catch a breach
Many large enterprises discard most of the log data their systems generate, and they do it on purpose to keep costs down. A Dynatrace survey of 450 senior IT...
Icarus threat actors exploit Klue OAuth breach to steal Salesforce data
The attack involved the theft of OAuth credentials from Klue's Battlecards integration, which threat actors then used to access and exfiltrate data from cust...
Texas Parks & Wildlife data breach exposes millions of driver's licenses, passport numbers
The Texas Parks & Wildlife department disclosed that hackers gained access to its license system vendor, which processes hunting and fishing license sales.
Klue OAuth breach linked to 'Icarus' Salesforce data theft attacks
Market intelligence platform Klue suffered a OAuth breach that enabled the "Icarus" threat actors to steal Salesforce CRM data from multiple organizations in...
Telegram admits it couldn't police exam-leak channels, India tells court
India's government has told the Delhi High Court that Telegram was warned about two weeks before it was blocked, and that the platform admitted it could not ...