Ransomware group RansomHouse has listed Trellix, the enterprise cybersecurity giant formed from the merger of McAfee Enterprise...
John
John is an independent cybersecurity researcher covering vulnerabilities, malware campaigns, and emerging threats in the cybersecurity landscape.
Ivanti has issued an urgent security advisory warning that a high-severity remote code execution (RCE) vulnerability in...
A critical cross-origin WebSocket hijacking vulnerability (CVSS 9.7) in Cline’s local kanban server, one of the most...
Mozilla has patched a record-breaking 423 security vulnerabilities in Firefox after deploying an agentic AI pipeline powered...
Days after confirming one of the largest data breaches in education technology history, Instructure is now facing...
A critical ServiceAccount impersonation bypass in Rancher Fleet (CVSS 9.9) allows any tenant with git push access...
A critical, unpatched local privilege escalation (LPE) vulnerability dubbed Dirty Frag has been publicly disclosed, enabling any local attacker...
A high-severity vulnerability (CVE-2026-41139) in the popular mathjs JavaScript library allows remote attackers to execute arbitrary JavaScript...
Kaspersky’s GReAT team has uncovered a sophisticated PyPI supply chain attack attributed with moderate confidence to the...
Redis has disclosed and patched five security vulnerabilities: four rated High (CVSS 7.7) and one rated Medium...
