Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access

A newly disclosed maximum-severity security flaw in Cisco Catalyst SD-WAN Controller (formerly vSmart) and Catalyst SD-WAN Manager (formerly vManage) has come under active exploitation in the wild as part... Read more »

Hackers Used New Exploit Kit to Compromise Thousands of iPhones

Thousands of iPhones were compromised using the Coruna exploit kit, which chained 23 iOS vulnerabilities into advanced attacks used for espionage and cybercrime. The post Hackers Used New Exploit... Read more »

Phobos Ransomware admin faces up to 20 years after guilty plea

Russian national Evgenii Ptitsyn (43) pleaded guilty in the U.S. for his role in the Phobos ransomware operation. Russian national Evgenii Ptitsyn pleaded guilty in the US to wire... Read more »

Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations

Threat hunters have called attention to a new campaign as part of which bad actors masqueraded as fake IT support to deliver the Havoc command-and-control (C2) framework as a... Read more »

Anthropic CEO Calls OpenAI’s Military Messaging ‘Straight Up Lies’

Anthropic CEO Dario Amodei is openly challenging how OpenAI describes its defense work, sharpening the debate over what AI “guardrails” really mean. The post Anthropic CEO Calls OpenAI’s Military... Read more »

Russian APT targets Ukraine with BadPaw and MeowMeow malware

Researchers uncovered a Russian campaign targeting Ukrainian entities with new malware families BadPaw and MeowMeow delivered through phishing emails. Researchers reported a phishing campaign linked to Russia that targets... Read more »

Fideo Intelligence enhances dark web monitoring capabilities to reduce payment fraud

Fideo Intelligence announced an expansion of its dark web monitoring and threat intelligence capabilities to help financial institutions, fintech companies, payment service providers (PSPs), and merchants detect fraud earlier... Read more »

Codenotary Trust delivers autonomous AI security for Linux and Kubernetes

Codenotary has announced Codenotary Trust, a unified SaaS platform that uses AI to instantly detect, prioritize, and autonomously fix security, configuration, and performance issues, while also providing rollback capabilities.... Read more »

Push Security adds malicious browser extension detection to block threats in employee browsers

Push Security has announced new malicious browser extension detection and blocking capabilities within its browser-based security platform. The feature enables organizations to automatically block known-bad extensions from running in... Read more »

Cisco warns of SD-WAN Manager exploitation, fixes 48 firewall vulnerabilities

Cisco has confirmed that two Catalyst SD-WAN Manager vulnerabilities (CVE-2026-20128 and CVE-2026-20122) patched in late February 2025 are being exploited by attackers. The exploited vulnerabilities (CVE-2026-20128, CVE-2026-20122) CVE-2026-20128 is... Read more »
Subscribe to our Newsletter