All Recent Posts

Internet Security

Critical Fortinet FortiClient EMS flaw exploited for Remote Code Execution

March 30, 2026 add comment
Attackers are exploiting a critical Fortinet FortiClient EMS flaw (CVE-2026-21643) that allows remote code execution via SQL injection. A critical Fortinet FortiClient EMS vulnerability, tracked as CVE-2026-21643 (CVSS score... Read more »

Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems

March 30, 2026 add comment
Threat actors are suspected to be exploiting a maximum-severity security flaw impacting Quest KACE Systems Management Appliance (SMA), according to Arctic Wolf. The cybersecurity company said it observed malicious... Read more »
Internet Security

New macOS Infinity Stealer uses Nuitka Python payload and ClickFix

March 30, 2026 add comment
Infinity Stealer targets macOS via fake Cloudflare CAPTCHA, using Nuitka; first such campaign per Malwarebytes. Researchers at Malwarebytes spotted a new macOS infostealer, named Infinity Stealer, using a Python... Read more »
Internet Security

Russia-linked APT TA446 uses DarkSword exploit to target iPhone users in phishing wave

March 30, 2026 add comment
Russia-linked TA446 is using the DarkSword iOS exploit kit in targeted phishing campaigns to compromise iPhone users. Russia-linked APT group TA446 (aka SEABORGIUM, ColdRiver, Callisto, and Star Blizzard) is... Read more »
Help Net Security

SystemRescue 13 updates its kernel to Linux 6.18 LTS, adds new recovery tools

March 30, 2026 add comment
Bootable Linux recovery environments occupy a specific niche in the systems administration and incident response toolkit. SystemRescue, an Arch-based live distribution built for repairing unbootable systems and recovering data... Read more »
Help Net Security

Why risk alone doesn’t get you to yes

March 30, 2026 add comment
I have been in security rooms for years, from military operations centers to corporate boardrooms. In all those years I can tell you that the hardest mission that most... Read more »
Help Net Security

ShipSec Studio brings open-source workflow orchestration to security operations

March 30, 2026 add comment
Security teams have long relied on a mix of shell scripts, cron jobs, and loosely connected tools to chain reconnaissance and vulnerability scanning work together. ShipSec Studio, an open-source... Read more »
Help Net Security

Breaking out: Can AI agents escape their sandboxes?

March 30, 2026 add comment
Container sandboxes are part of routine AI agent testing and deployment. Agents use them to run code, edit files, and interact with system resources without direct access to the... Read more »
Help Net Security

Don’t count on government guidance after a smart home breach

March 30, 2026 add comment
People are filling their homes with internet-connected cameras, speakers, locks, and routers. When one of those devices is compromised, the next steps are often unclear. Researchers reviewing government cybersecurity... Read more »

Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover

March 30, 2026 add comment
Sansec is warning of a critical security flaw in Magento’s REST API that could allow unauthenticated attackers to upload arbitrary executables and achieve code execution and account takeover. The... Read more »
Subscribe to our Newsletter