First VPN Takedown Hits Ransomware Anonymization Service
Europol says First VPN, a Russian-speaking cybercrime VPN, was dismantled in Operation…
Langflow CVE-2025-34291: Token Hijack and RCE Added to CISA KEV
Langflow CVE-2025-34291 can turn a malicious webpage into account takeover and RCE…
Trend Micro Apex One CVE-2026-34926 Exploited in the Wild
Trend Micro patched an Apex One on-prem directory traversal flaw after observing…
Microsoft Defender CVE-2026-41091 and CVE-2026-45498 Exploited
Microsoft says two Defender flaws have been exploited. CISA added both to…
Drupal Core CVE-2026-9082: PostgreSQL SQL Injection Patch
Drupal core CVE-2026-9082 is a highly critical PostgreSQL SQL injection flaw. Check…
SonicWall CVE-2024-12802: MFA Bypass Still Exposes SSL-VPNs
SonicWall CVE-2024-12802 can leave SSL-VPN MFA bypassable when firmware is patched but…
ChromaDB CVE-2026-45829 Allows Pre-Auth Server Takeover
HiddenLayer disclosed ChromaToast, a pre-auth RCE in ChromaDB Python FastAPI server deployments…
GitHub Internal Repos Exposed Through Poisoned VS Code Extension
GitHub says an employee device was compromised through a poisoned VS Code…
Operation Ramz Cuts Phishing and Malware Servers in MENA
INTERPOL says Operation Ramz led to 201 arrests and the seizure of…
