Alerts
Fortinet has released security updates addressing two critical vulnerabilities, including an unauthenticated SQL injection in FortiClientEMS and a FortiCloud SSO authentication bypass that is already being exploited in the wild. CVE-2026-21643 — FortiClientEMS SQL Injection (CVSS 9.1) The first flaw, tracked as CVE-2026-21643, is a SQL
Alerts
BeyondTrust has issued patches for a critical pre-authentication remote code execution vulnerability in its Remote Support (RS) and Privileged Remote Access (PRA) products — the same software previously exploited as zero-days in the 2024 breach of the U.S. Treasury Department. Tracked as CVE-2026-1731, the flaw is
Threats
Singapore's Cyber Security Agency (CSA) has disclosed that the China-linked cyber espionage group UNC3886 conducted a deliberate campaign against the country's entire telecommunications sector, targeting all four major operators — M1, SIMBA Telecom, Singtel, and StarHub. The disclosure follows comments made over six months ago by
Breaches
The European Commission has confirmed that attackers compromised its central mobile device management systems on January 30, potentially accessing the names and phone numbers of staff members. The intrusion targeted the infrastructure used to manage employee mobile phones and tablets. CERT-EU detected suspicious activity and contained the breach within
Alerts
A critical vulnerability in the React Native Community CLI Metro development server is being actively exploited to compromise developer workstations and CI/CD environments. Tracked as CVE-2025-11953 and dubbed Metro4Shell, the flaw carries a CVSS score of 9.8 and allows unauthenticated OS command injection through the server&
Threats
Recorded Future's Insikt Group has published a comprehensive analysis of Rublevka Team, a Russian cybercriminal operation that has generated over $10 million in cryptocurrency theft since 2023 through an affiliate-driven wallet draining ecosystem. Unlike traditional crypto-stealing operations that rely on infostealer malware, Rublevka Team deploys custom
Alerts
Cisco has released a security advisory for CVE-2026-20098, a high-severity vulnerability in Cisco Meeting Management that allows authenticated remote attackers to upload arbitrary files, execute commands, and escalate privileges to root. The flaw carries a CVSS score of 8.8 and affects all versions of Cisco Meeting
Alerts
Microsoft has announced the integration of System Monitor (Sysmon) directly into Windows 11, bringing one of the most widely-used threat detection tools natively into the operating system. The feature is now available in Windows 11 Insider Preview Build 26300.7733 (KB5074178) in the Dev Channel. Previously available only as
Alerts
A critical vulnerability chain has been disclosed in vLLM, a widely-used high-performance library for Large Language Model inference. Tracked as CVE-2026-22778 with a CVSS score of 9.8, the flaw allows remote attackers to execute arbitrary commands on vLLM servers by submitting a malicious video URL
Threats
Huntress has published details of a February 2026 intrusion where threat actors leveraged compromised SonicWall SSLVPN credentials to access a victim network, then deployed a custom EDR killer that abuses a legitimate Guidance Software (EnCase) forensic driver to terminate security processes from kernel mode. The attack was disrupted before ransomware
Breaches
ShinyHunters, one of the most prolific data breach and extortion groups of the past five years, has posted a message to their official Telegram channel claiming that a "second leader has been arrested." The brief update also confirmed that the group's X (formerly Twitter) account has
Threats
Palo Alto Networks' Unit 42 has published a major investigation into a newly identified cyberespionage group it tracks as TGR-STA-1030, also known as UNC6619. The group — assessed with high confidence to be state-aligned and operating out of Asia — has compromised at least 70 organizations across 37