In a stark reminder of the persistent threats targeting critical network infrastructure, Cisco has released an urgent...
John
John is an independent cybersecurity researcher covering vulnerabilities, malware campaigns, and emerging threats in the cybersecurity landscape.
A critical supply-chain vulnerability has been uncovered within the HuggingFace transformers library. Tracked as CVE-2026-4372, this high-severity...
Google has confirmed active exploitation of a critical zero-day vulnerability in the Android Framework, tracked as CVE-2025-48595,...
Ivanti has disclosed a high-severity improper access control vulnerability, tracked as CVE-2026-9614, in its Neurons for ITSM platform...
A newly disclosed high-severity vulnerability in the Laravel PHP framework exposes web applications to CRLF injection attacks...
Two critical security vulnerabilities have been disclosed in Apache ActiveMQ: CVE-2026-42253 (HTTP Response Header Injection) and CVE-2026-49157 (Incorrect Default Permissions), both...
The Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2024-21182, a high-severity unspecified vulnerability in Oracle WebLogic Server,...
Apache has disclosed a new high-severity vulnerability in Apache ActiveMQ, tracked as CVE-2026-49157, that allows authenticated low-privilege web...
A critical security flaw, designated as CVE-2026-4387, has been identified in the StrongDM desktop application. The vulnerability...
In the rapidly evolving landscape of network security, perimeter devices remain highly attractive targets for threat actors...