A critical security advisory SNWLID-2026-0004 disclosing three newly identified vulnerabilities in SonicOS, the operating system powering its entire...
John
John is an independent cybersecurity researcher covering vulnerabilities, malware campaigns, and emerging threats in the cybersecurity landscape.
A critical authentication bypass vulnerability (CVE-2026-41248) has been discovered in Clerk’s official JavaScript SDKs, allowing unauthenticated attackers...
A high-severity privilege escalation vulnerability in LiteLLM’s proxy configuration endpoint has put enterprise AI infrastructure at risk,...
A sophisticated supply chain campaign dubbed “Mini Shai Hulud” has compromised four widely-used SAP Cloud Application Programming...
The Jenkins project released a sweeping security advisory on April 29, 2026, disclosing seven vulnerabilities, including three...
Two newly disclosed high-severity vulnerabilities in Ollama for Windows, CVE-2026-42248 and CVE-2026-42249, allow attackers to silently deliver and persistently execute...
A critical unauthenticated remote code execution (RCE) vulnerability has been disclosed in DocsGPT, the popular open-source AI documentation...
A roll out KB5083768 (OS Build 28000.1836) on April 14, 2026, delivering critical security hardening for Remote...
A critical pre-authentication SQL injection vulnerability, CVE-2026-42208 (tracked as GHSA-r75f-5x8p-qvmc), has been actively exploited in the wild, targeting LiteLLM, the...
Microsoft has confirmed that CVE-2026-32202, a Windows Shell spoofing vulnerability patched on April 14, 2026, is being actively...
