Intelligence · Updated daily
AI-analysed threats, vulnerabilities and campaigns. Not just what happened — what it means, who's affected, and what to do about it.
Multiple critical vulnerabilities in EV Energy's ev.energy charging stations could allow attackers to gain administrative control or disrupt services, posing significant risks to electric vehicle infrastructure.
Multiple critical vulnerabilities in Copeland XWEB and XWEB Pro devices allow attackers to bypass authentication, cause denial-of-service, memory corruption, and execute arbitrary code, posing significant risks to affected systems.
Multiple critical vulnerabilities exist in Pelco's Sarix Pro 3 Series IP cameras, allowing attackers to gain unauthorized access and potentially compromise sensitive data and operations.
Multiple critical vulnerabilities in Yokogawa's CENTUM VP R6 and R7 versions could allow attackers to execute arbitrary code or cause denial-of-service, posing significant risks to industrial control systems.
Chargemap chargemap.com suffers from multiple critical vulnerabilities, including missing authentication and denial-of-service flaws, potentially allowing attackers to gain administrative control or disrupt charging services.
Angular's SSR feature is vulnerable to SSRF and header injection due to untrusted Host and X-Forwarded-* headers, allowing attackers to manipulate the application's base origin.
A critical stored XSS vulnerability in RustFS Console's preview modal allows attackers to execute arbitrary JavaScript, leading to credential theft and system compromise. The PoC highlights the importance of securing sensitive credentials and validating content types.
Parse Server's Google auth adapter improperly handles JWT algorithms, allowing attackers to forge tokens with 'alg: none' for account takeover. The PoC highlights the need for enforcing specific algorithms and key validation.
Chinese cyberspies have breached multiple telecom companies and government agencies using SaaS API calls to hide malicious traffic, indicating a sophisticated state-sponsored espionage campaign.
Attackers created malicious GitHub repositories mimicking legitimate Next.js projects and job interview materials to infect developers' devices with backdoors.
UFP Technologies, a medical device manufacturer, has been hit by a cyberattack that compromised its IT systems and data. The incident could impact patient care and data privacy.
Cisco's SD-WAN systems are being actively exploited due to critical vulnerabilities, with attackers bypassing authentication to gain administrative access. The situation is urgent for organizations using these systems.
OneUptime's use of Node.js vm module for executing untrusted code allows sandbox escape and full cluster compromise, highlighting the risks of improper isolation mechanisms.
ActualBudget server lacks authentication on several endpoints, exposing sensitive bank data to unauthorized access. This PoC highlights critical security gaps requiring immediate defensive action.
The vulnerability in Statamic's password reset feature allows attackers to capture tokens and hijack user accounts. The PoC highlights the importance of securing password recovery mechanisms.
CISA has added CVE-2026-25108, an OS command injection vulnerability in Soliton Systems' FileZen, to its Known Exploited Vulnerabilities Catalog due to evidence of active exploitation. This vulnerability poses significant risks to federal enterprises and other users.
InSAT MasterSCADA BUK-TS suffers from critical vulnerabilities (CVE-2026-21410, CVE-2026-22553) enabling SQL injection and OS command injection, potentially allowing remote code execution. This poses significant risks to industrial control systems.
The Ormar ORM is vulnerable to SQL injection through min() and max() functions due to lack of input validation, allowing attackers to execute arbitrary queries.
New York-based ad tech firm Optimizely suffered a data breach after falling victim to a voice phishing (vishing) attack, compromising customer data and underscoring the risks of social engineering in supply chains.
A bug in Microsoft's classic Outlook desktop client causes the mouse pointer to disappear for some users, impacting usability but not directly compromising security.
Spanish authorities arrested four individuals linked to a hacktivist group suspected of conducting DDoS attacks on government websites, highlighting the growing threat of hacktivism against critical infrastructure.
Android mental health apps with 14.7M installs expose sensitive user data due to critical security vulnerabilities, putting millions of users' medical information at risk.
Traefik contains a critical vulnerability allowing bypass of TLS client authentication over HTTP/3, potentially exposing protected resources to unauthorized access.
Critical stack-based buffer overflow in Delta Electronics ASDA-Soft versions up to 7.2.0.0 could allow remote code execution via structured exception handler (SEH) corruption.
Critical vulnerabilities in GE Vernova Enervista UR Setup versions below 8.70 allow remote code execution with elevated privileges, posing significant risks to industrial control systems.