Alerts

Alerts

Hackers Exploit Critical React Native Metro Flaw to Compromise Developer Systems (CVE-2025-11953)

A critical vulnerability in the React Native Community CLI Metro development server is being actively exploited to compromise developer workstations and CI/CD environments. Tracked as CVE-2025-11953 and dubbed Metro4Shell, the flaw carries a CVSS score of 9.8 and allows unauthenticated OS command injection through the server's

Alerts

Cisco Meeting Management Vulnerability Allows Authenticated Attackers to Gain Root Access

Cisco has released a security advisory for CVE-2026-20098, a high-severity vulnerability in Cisco Meeting Management that allows authenticated remote attackers to upload arbitrary files, execute commands, and escalate privileges to root. The flaw carries a CVSS score of 8.8 and affects all versions of Cisco Meeting Management prior to

Alerts

Microsoft Integrates Sysmon Directly into Windows 11 for Native Threat Detection

Microsoft has announced the integration of System Monitor (Sysmon) directly into Windows 11, bringing one of the most widely-used threat detection tools natively into the operating system. The feature is now available in Windows 11 Insider Preview Build 26300.7733 (KB5074178) in the Dev Channel. Previously available only as a

Alerts

Critical vLLM Vulnerability Allows Remote Code Execution via Malicious Video Files

A critical vulnerability chain has been disclosed in vLLM, a widely-used high-performance library for Large Language Model inference. Tracked as CVE-2026-22778 with a CVSS score of 9.8, the flaw allows remote attackers to execute arbitrary commands on vLLM servers by submitting a malicious video URL to the API. Default

Alerts

CISA Silently Updated Ransomware Intelligence on 59 Vulnerabilities in 2025 Without Notifying Defenders

CISA has been silently updating its Known Exploited Vulnerabilities (KEV) catalog when it confirms that vulnerabilities are being exploited by ransomware groups — without notifying defenders when those changes occur. Glenn Thorpe, senior director of security research and detection engineering at GreyNoise, documented the gap by downloading daily KEV snapshots for

Alerts

Django Patches Three High-Severity SQL Injection Flaws Across All Supported Versions

The Django project has issued security releases across all supported versions — Django 6.0.2, 5.2.11, and 4.2.28 — addressing six vulnerabilities, three of which are high-severity SQL injection flaws that could allow attackers to execute arbitrary SQL commands against backend databases. All three SQL injection CVEs

Alerts

Critical 1-Click RCE in OpenClaw Gives Attackers Full Control of Developer Machines (CVE-2026-25253)

A critical vulnerability in OpenClaw — the viral open-source AI assistant trusted by over 100,000 developers — allows attackers to achieve full remote code execution on a victim's machine through a single webpage visit. No user interaction beyond loading the page is required. CVE-2026-25253 (CVSS 8.8) affects all

Alerts

APT28 Weaponizes Microsoft Office Zero-Day Within 24 Hours, Targets Ukraine and EU with Covenant Backdoor

Russian state-sponsored hacking group APT28 weaponized a critical Microsoft Office zero-day vulnerability within 24 hours of public disclosure, launching targeted attacks against Ukrainian government agencies and European Union institutions. Ukraine's Computer Emergency Response Team (CERT-UA) detected exploitation attempts beginning January 27 — just one day after Microsoft published details

Alerts

Critical Kyverno Vulnerability Allows Cluster Admin Takeover via Policy Abuse (CVE-2026-22039)

The maintainers of Kyverno, a widely deployed Kubernetes-native policy engine, have released an emergency patch for a critical vulnerability that completely breaks namespace isolation boundaries. Tracked as CVE-2026-22039 and carrying a maximum CVSS score of 10, the flaw allows any authenticated user with permission to create namespaced policies to effectively

Alerts

CISA Adds Actively Exploited Ivanti EPMM Vulnerability to KEV Catalog (CVE-2026-1281)

CISA has added a critical Ivanti Endpoint Manager Mobile (EPMM) vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation in the wild. Tracked as CVE-2026-1281, the code injection vulnerability allows attackers to achieve unauthenticated remote code execution on affected systems. Urgent Deadline Federal agencies are required to apply

Alerts

SolarWinds Web Help Desk Hit with Six Critical Vulnerabilities Including Multiple RCE Flaws

SolarWinds has released an emergency patch for Web Help Desk (WHD), addressing six security vulnerabilities—four rated critical—that could allow unauthenticated attackers to fully compromise host systems. The flaws, discovered by researchers Jimi Sebree of Horizon3.ai and Piotr Bazydło of watchTowr, include multiple remote code execution vectors, authentication

Alerts

Critical SandboxJS Vulnerability Allows Complete Sandbox Escape and Remote Code Execution (CVE-2026-23830)

A critical vulnerability in SandboxJS, a widely used library for safely executing untrusted JavaScript code, allows attackers to completely escape the sandbox environment and achieve remote code execution on the host system. Tracked as CVE-2026-23830 and carrying a maximum CVSS score of 10.0, the flaw stems from an incomplete