Alerts

Alerts

Google Patches First Chrome Zero-Day of 2026 After Active Exploitation of CSS Use-After-Free Flaw (CVE-2026-2441)

Google has released emergency Chrome updates to address CVE-2026-2441, a high-severity use-after-free vulnerability in Chrome's CSS handling that was being actively exploited before a fix was available — marking the first Chrome zero-day of 2026. CVE-2026-2441 The vulnerability (CVSS 8.8) allows a remote attacker to execute arbitrary code

Alerts

BeyondTrust CVSS 9.9 Pre-Auth RCE Now Exploited in the Wild as Attackers Target Remote Access Infrastructure

Threat actors have begun actively exploiting a critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access appliances, with exploitation detected across global sensor networks overnight. "Overnight we observed first in-the-wild exploitation of BeyondTrust across our global sensors," said Ryan Dewhurst, head of threat

Alerts

Apple Patches First Zero-Day of 2026 After Google TAG Discovers Exploitation in Targeted Attacks

Apple has released security updates across its entire product ecosystem to address a zero-day vulnerability that the company says has been exploited in "extremely sophisticated" attacks targeting specific individuals. The vulnerability, tracked as CVE-2026-20700, is a memory corruption flaw in dyld — Apple's Dynamic Link Editor responsible

Alerts

Microsoft February 2026 Patch Tuesday Fixes Six Actively Exploited Zero-Days Across Windows, Office, and Remote Desktop

Microsoft's February 2026 Patch Tuesday addresses 59 vulnerabilities across Windows, Office, Azure, Edge, Exchange, and Hyper-V — including six zero-day flaws already being exploited in the wild. All six have been added to CISA's Known Exploited Vulnerabilities catalog with a March 3 federal patching deadline. Of the

Alerts

Fortinet Patches Two Critical Flaws — FortiClientEMS SQLi and Actively Exploited FortiCloud SSO Bypass

Fortinet has released security updates addressing two critical vulnerabilities, including an unauthenticated SQL injection in FortiClientEMS and a FortiCloud SSO authentication bypass that is already being exploited in the wild. CVE-2026-21643 — FortiClientEMS SQL Injection (CVSS 9.1) The first flaw, tracked as CVE-2026-21643, is a SQL injection vulnerability in FortiClientEMS

Alerts

BeyondTrust Patches Critical Unauthenticated RCE in Remote Support and Privileged Remote Access (CVE-2026-1731)

BeyondTrust has issued patches for a critical pre-authentication remote code execution vulnerability in its Remote Support (RS) and Privileged Remote Access (PRA) products — the same software previously exploited as zero-days in the 2024 breach of the U.S. Treasury Department. Tracked as CVE-2026-1731, the flaw is an OS command injection

Alerts

Hackers Exploit Critical React Native Metro Flaw to Compromise Developer Systems (CVE-2025-11953)

A critical vulnerability in the React Native Community CLI Metro development server is being actively exploited to compromise developer workstations and CI/CD environments. Tracked as CVE-2025-11953 and dubbed Metro4Shell, the flaw carries a CVSS score of 9.8 and allows unauthenticated OS command injection through the server's

Alerts

Cisco Meeting Management Vulnerability Allows Authenticated Attackers to Gain Root Access

Cisco has released a security advisory for CVE-2026-20098, a high-severity vulnerability in Cisco Meeting Management that allows authenticated remote attackers to upload arbitrary files, execute commands, and escalate privileges to root. The flaw carries a CVSS score of 8.8 and affects all versions of Cisco Meeting Management prior to

Alerts

Microsoft Integrates Sysmon Directly into Windows 11 for Native Threat Detection

Microsoft has announced the integration of System Monitor (Sysmon) directly into Windows 11, bringing one of the most widely-used threat detection tools natively into the operating system. The feature is now available in Windows 11 Insider Preview Build 26300.7733 (KB5074178) in the Dev Channel. Previously available only as a

Alerts

Critical vLLM Vulnerability Allows Remote Code Execution via Malicious Video Files

A critical vulnerability chain has been disclosed in vLLM, a widely-used high-performance library for Large Language Model inference. Tracked as CVE-2026-22778 with a CVSS score of 9.8, the flaw allows remote attackers to execute arbitrary commands on vLLM servers by submitting a malicious video URL to the API. Default

Alerts

CISA Silently Updated Ransomware Intelligence on 59 Vulnerabilities in 2025 Without Notifying Defenders

CISA has been silently updating its Known Exploited Vulnerabilities (KEV) catalog when it confirms that vulnerabilities are being exploited by ransomware groups — without notifying defenders when those changes occur. Glenn Thorpe, senior director of security research and detection engineering at GreyNoise, documented the gap by downloading daily KEV snapshots for

Alerts

Django Patches Three High-Severity SQL Injection Flaws Across All Supported Versions

The Django project has issued security releases across all supported versions — Django 6.0.2, 5.2.11, and 4.2.28 — addressing six vulnerabilities, three of which are high-severity SQL injection flaws that could allow attackers to execute arbitrary SQL commands against backend databases. All three SQL injection CVEs