China-linked spies backdoored authentication stack to stay hidden for years

A China-linked cyber espionage group known as Velvet Ant spent nearly a decade inside the internal network of an unnamed organization without being detected, according to the results of a forensic investigation published by cybersecurity firm Sygnia. T… Continue reading China-linked spies backdoored authentication stack to stay hidden for years

PhishLumos: Exposing phishing campaigns that evade detection by hiding content

Phishing remains one of the most stubbornly persistent threats in cybersecurity: humans are tired, distracted, trusting, and susceptible to urgency and authority in ways that no amount of awareness training can completely overcome. The security communi… Continue reading PhishLumos: Exposing phishing campaigns that evade detection by hiding content

Researchers release details, PoC for exploited Check Point VPN flaw (CVE-2026-50751)

WatchTowr researchers have disclosed a technical analysis and a “Detection Artefact Generator” for CVE-2026-50751, an authentication bypass flaw in Check Point’s Remote Access VPN and Mobile Access, which the vendor confirmed to be ac… Continue reading Researchers release details, PoC for exploited Check Point VPN flaw (CVE-2026-50751)

CISA orders federal agencies to “patch smarter”

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a Binding Operational Directive that will change how the US federal government approaches vulnerability management. The directive arrives as the patching problem has become nearl… Continue reading CISA orders federal agencies to “patch smarter”

Oracle PeopleSoft servers under attack, Oracle pushes out-of-band security alert

A zero-day vulnerability (CVE-2026-35273) in Oracle PeopleSoft PeopleTools is being exploited in the wild, Charles Carmakal, CTO at cybersecurity firm Mandiant, part of Google Cloud, warned today. The warning comes a day after Oracle published an out-o… Continue reading Oracle PeopleSoft servers under attack, Oracle pushes out-of-band security alert

Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520)

Ivanti has patched two critical vulnerabilities (CVE-2026-10520 and CVE-2026-10523) in Ivanti Sentry and has urged customers to implement the fix right away. Though the vulnerabilities are not known to be actively exploited, security researchers have a… Continue reading Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520)

Record Microsoft Patch Tuesday, fresh zero-day

Microsoft marked its largest-ever Patch Tuesday this month, by shipping fixes for nearly 200 vulnerabilities. Within hours, “Nightmare Eclipse”, the researcher behind weeks of escalating Windows exploit releases, dropped a proof-of-concept … Continue reading Record Microsoft Patch Tuesday, fresh zero-day

LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)

A command injection vulnerability (CVE-2026-42271) in BerryAI’s LiteLLM open-source AI gateway is being exploited by attackers, the US Cybersecurity and Infrastructure Security Agency (CISA) confirmed by adding the flaw to its Known Exploited Vul… Continue reading LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)

Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751)

A Qilin ransomware affiliate is believed to be exploiting CVE-2026-50751, an authentication bypass vulnerability in Check Point VPN Remote Access and Mobile Access, the company announced on Monday. About CVE-2026-50751 Check Point Remote Access VPN ena… Continue reading Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751)

CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)

A vulnerability (CVE-2026-28318) that can be exploited to crash SolarWinds Serv-U file transfer servers is being leveraged by attackers in the wild, the US Cybersecurity and Infrastructure Security Agency (CISA) confirmed on Friday. The agency has orde… Continue reading CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)