Intelligence · Updated daily
AI-analysed threats, vulnerabilities and campaigns. Not just what happened — what it means, who's affected, and what to do about it.
Android mental health apps with 14.7M installs expose sensitive user data due to critical security vulnerabilities, putting millions of users' medical information at risk.
Traefik contains a critical vulnerability allowing bypass of TLS client authentication over HTTP/3, potentially exposing protected resources to unauthorized access.
Critical stack-based buffer overflow in Delta Electronics ASDA-Soft versions up to 7.2.0.0 could allow remote code execution via structured exception handler (SEH) corruption.
Critical vulnerabilities in GE Vernova Enervista UR Setup versions below 8.70 allow remote code execution with elevated privileges, posing significant risks to industrial control systems.
Honeywell CCTV products have a critical vulnerability (CVE-2026-1670) that allows unauthenticated attackers to change recovery email addresses, leading to account takeovers and unauthorized access to camera feeds.
A critical vulnerability in the Welker OdorEyes EcoSystem Pulse Bypass System with XL4 Controller, rated CVSS v3 8.2, exposes unauthenticated access to critical functions, risking over- or under-odorization events that could compromise safety and operations.
EnOcean SmartServer IoT versions up to 4.60.009 contain critical vulnerabilities (CVE-2026-20761, CVE-2026-22885) allowing remote code execution and ASLR bypass, posing significant risks to smart building infrastructure.
EC-Council introduced four new AI certifications and updated its Certified CISO program to help bridge the gap between AI adoption and workforce readiness, particularly in the U.S. where 700,000 workers need reskilling.
CISA has identified two critical vulnerabilities in Roundcube webmail, with CVE-2025-49113 being actively exploited for remote code execution.
Anthropic's new AI-powered tool, Claude Code Security, scans codebases for vulnerabilities and suggests patches. This is a significant advancement in automated security testing.
Jinan USR IOT Technology's USR-W610 device has multiple critical vulnerabilities that could allow attackers to steal credentials, disable authentication, or cause denial-of-service. Affected versions include USR-W610 <=3.1.1.0.
Unauthenticated attackers can exploit a file read vulnerability in Valmet DNA Engineering Web Tools to access arbitrary files.
CISA has identified two critical vulnerabilities in RoundCube Webmail, both actively exploited. These include a deserialization flaw and an XSS vulnerability, posing significant risks to federal systems.
CISA's 2025 cybersecurity year-in-review report documents a record 97 zero-day vulnerabilities exploited in the wild and identifies edge device exploitation and ransomware as the top threats to critical infrastructure.
Microsoft's February 2026 Patch Tuesday addresses over 55 vulnerabilities including four actively exploited zero-days in Windows, Office, and the .NET Framework.
A critical vulnerability in PostgreSQL allows authenticated users with CREATE FUNCTION privileges to escape the SQL sandbox and execute arbitrary operating system commands on the database server.
A critical command injection vulnerability in Cisco NX-OS allows unauthenticated attackers to execute arbitrary commands on Nexus data center switches, threatening core network infrastructure.
Juniper Networks released emergency patches for a critical out-of-bounds write vulnerability in Junos OS that enables unauthenticated remote code execution on MX and SRX series devices.
A ransomware attack forced one of the largest US school districts to cancel classes and revert to offline operations, exposing student and staff personal data and highlighting the continued targeting of education.
The first Patch Tuesday of 2026 addresses a record eight actively exploited zero-day vulnerabilities spanning Hyper-V, Office, Windows kernel, and the Microsoft Access database engine.
A critical improper authentication vulnerability in SonicWall SonicOS SSLVPN allows unauthenticated attackers to hijack active VPN sessions, with exploitation observed against government and enterprise targets.
A new critical authentication bypass in Fortinet FortiOS allows unauthenticated attackers to gain super-admin privileges on FortiGate firewalls, with mass exploitation already underway targeting internet-exposed management interfaces.
A critical vulnerability in Apache Commons Text string interpolation is being mass-exploited at year's end, with attackers deploying cryptominers and ransomware through the widely-embedded Java library.
NIST released final guidelines for organizations to transition from classical to post-quantum cryptographic algorithms, establishing timelines and priorities for migration across different use cases.
A misconfigured identity management update at a major cloud provider caused a cascading multi-region outage lasting over 12 hours, affecting thousands of businesses and highlighting cloud concentration risk.