Alerts
Cisco has confirmed active exploitation of a critical zero-day vulnerability in its Secure Email Gateway and Secure Email and Web Manager appliances. Tracked as CVE-2025-20393, the flaw carries a maximum CVSS score of 10.0 and allows unauthenticated attackers to execute arbitrary commands with root privileges via crafted HTTP requests.
Alerts
Critical AWS CodeBuild Flaw Exposed AWS Console to Supply Chain Attack A critical misconfiguration in AWS CodeBuild could have allowed attackers to compromise key AWS-owned GitHub repositories, including the JavaScript SDK that powers the AWS Console itself. Security researchers at Wiz Research discovered the vulnerability, dubbed "CodeBreach," which
Threats
A coordinated operation led by Microsoft and international law enforcement has dismantled RedVDS, a major infrastructure provider behind large-scale business email compromise (BEC) fraud worldwide. RedVDS functioned as a low-cost, subscription-based cybercrime service, offering criminals disposable virtual machines that appeared online as legitimate Windows systems. These rented environments allowed attackers
Alerts
Microsoft's first Patch Tuesday of 2026 addresses 114 security vulnerabilities across Windows, Office, and related services. The release includes 12 critical-severity flaws and patches for three zero-day vulnerabilities. By the Numbers Zero-Days Patched Three zero-day vulnerabilities were addressed in this release: * CVE-2026-20805 - Desktop Window Manager information disclosure
Breaches
A threat actor using the alias "datsell_alld" claims to be selling a database containing approximately 3.1 million records of Armenian citizens on a dark web forum. With Armenia's population estimated at just over 3 million, the claimed size suggests this could represent a near-complete
Alerts
Gogs, a lightweight and self-hosted Git service commonly used as an alternative to GitHub Enterprise or GitLab, has become the focus of urgent U.S. federal cybersecurity action. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Gogs vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog,
Breaches
The Everest ransomware group has claimed responsibility for a significant cyber intrusion targeting Nissan Motor Co., Ltd., alleging the exfiltration of approximately 900GB of sensitive data from the Japanese automaker. What We Know So Far Everest posted alleged proof-of-compromise samples on underground forums, a tactic commonly associated with double-extortion ransomware
Alerts
Patch immediately. CVSS 10.0. A maximum-severity flaw in n8n allows unauthenticated attackers to fully compromise servers and access all connected systems including API keys, databases, and cloud services. Vulnerability Summary CVECVE-2026-21858Severity10.0 CRITICALAffectedn8n versions < 1.121.0ExploitedPoC availablePatchUpgrade to 1.121.0+ What's at Risk Attackers
Threats
A newly attributed China-nexus threat actor designated UAT-7290 has been conducting espionage operations against telecommunications providers in South Asia and organizations in Southeastern Europe since at least 2022. According to research published recently by Cisco Talos, the group employs a sophisticated multi-stage attack chain combining open-source tools, custom malware, and
Threats
Security researchers have uncovered evidence suggesting that threat actors speaking Chinese may have been exploiting serious vulnerabilities in VMware ESXi long before these flaws were publicly disclosed by the vendor. According to a new analysis by cybersecurity firm Huntress, a breach observed in December 2025 began with the compromise of
Threats
An Iran-linked threat actor known as MuddyWater has been linked to a newly identified spear-phishing campaign targeting diplomatic, maritime, financial, and telecommunications organizations across the Middle East. The operation deploys a Rust-based remote access trojan (RAT) dubbed RustyWater, signaling a continued evolution in the group’s malware development strategy. According
Alerts
A severe command injection vulnerability in end-of-life D-Link DSL gateway devices is being actively exploited by threat actors, with no patch forthcoming from the manufacturer. The Vulnerability Tracked as CVE-2026-0625 with a critical CVSS score of 9.3, the flaw exists in the dnscfg.cgi component responsible for handling DNS