CVE-2026-20182 bypasses Cisco SD-WAN auth via DTLS port 12346, enabling admin access after May 2026 exploitation.

Ghostwriter’s March 2026 Ukraine attacks use PDF lures and geofencing to deploy Cobalt Strike on government targets.

An anonymous cybersecurity researcher who disclosed three Microsoft Defender vulnerabilities has returned with two more ...

Fragnesia CVE-2026-46300 corrupts Linux page cache via XFRM ESP-in-TCP, enabling local root access on major distros.

The vulnerability in question is CVE-2026-44338 (CVSS score: 7.3), a case of missing authentication that exposes sensitive ...

Cybersecurity researchers are sounding the alarm about what has been described as "malicious activity" in newly published ...

NGINX Rift CVE-2026-42945 scores 9.2 after 18 years, enabling unauthenticated RCE or DoS via crafted HTTP requests.

Weekly ThreatsDay Bulletin: supply chain attacks, fake support lures, AI tampering, data leaks, ransomware, and exploited flaws.

Microsoft’s new MDASH AI system found 16 Windows vulnerabilities fixed in this month’s Patch Tuesday, including 2 RCE flaws ...

One of the most severe vulnerabilities patched by Redmond is CVE-2026-41096 (CVSS score: 9.8), a heap-based buffer overflow ...

OpenAI launched Daybreak with GPT-5.5-Cyber tools as AI accelerates vulnerability discovery and exploit timelines.

When every fix gets re-tested and the results are visible to both security and engineering leadership, partial fixes and ...