Stay ahead of emerging threats with expert analysis, vulnerability reports, and cybersecurity insights.
CISA confirmed active exploitation of CVE-2017-7921 (Hikvision cameras) and CVE-2021-22681 (Rockwell Automation controllers), both CVSS 9.8. Federal agencies must patch by March 26, 2026. Legacy vulnerabilities remain potent weapons in attacker arsenals.
CISA added CVE-2026-22719 (CVSS 8.1) to the Known Exploited Vulnerabilities catalog after confirming active exploitation. The command injection flaw in VMware Aria Operations allows unauthenticated RCE. Federal agencies must patch by March 24, 2026.
Read moreApple patches CVE-2026-20700, a memory corruption flaw in dyld exploited in sophisticated attacks. The vulnerability completes a three-stage exploit chain with two December 2025 bugs (CVE-2025-14174, CVE-2025-43529) discovered by Google TAG, likely used in mercenary spyware operations.
Read moreMicrosoft's February 2026 Patch Tuesday fixes 59 vulnerabilities including six actively exploited zero-days. CISA has added all six to KEV with March 3rd deadline. Critical bugs in Windows Shell, MSHTML, Word, and privilege escalation in Desktop Window Manager and Remote Desktop.
Read moreResearchers discovered DockerDash, a critical vulnerability in Docker Ask Gordon AI feature that lets attackers execute code by hiding malicious instructions in image metadata. The attack exploits blind trust between the AI assistant and MCP Gateway. Patched in Docker Desktop 4.50.0.
Read moreMicrosoft announces three-phase plan to disable NTLM by default in Windows, pushing enterprises toward Kerberos authentication after decades of security issues.
Read moreA critical authentication bypass vulnerability (CVSS 9.8) in Fortinet FortiOS, FortiManager, FortiAnalyzer, FortiProxy, and FortiWeb allows attackers with a FortiCloud account to access devices registered to other accounts when FortiCloud SSO is enabled. This vulnerability is actively being exploited in the wild.
Read moreA high-severity Microsoft Office zero-day (CVE-2026-21509) is being actively exploited to bypass security controls designed to block risky COM and OLE content. Successful exploitation requires a user to open a malicious Office document, enabling follow-on payload execution and intrusion activity. Apply Microsoft's out-of-band update immediately or deploy the recommended registry-based mitigation if patching is delayed.
Read moreReact2Shell refers to a newly disclosed set of exploitation paths affecting React Server Components and modern server-side rendering workflows. In vulnerable implementations, attackers may escalate from user-driven application behavior into sensitive server-side execution, data access, or compromise of backend services. Organizations using RSC or SSR patterns should audit server-executed components, reduce dynamic execution paths, and apply strict validation and least-privilege controls.
Read moreSubscribe to our newsletter and get the latest security insights delivered to your inbox.