Apple expands iOS 18 updates to more iPhones to block DarkSword attacks
Apple has now made it possible for more iPhones still running iOS 18 to receive security updates that protect against the actively exploited DarkSword exploi...
Vulnerability Disclosure
20 articles
Apple Pushes Rare iOS 18 Patch for Devices at Risk from DarkSword Exploit
Apple pushes rare iOS 18 security patch to protect devices at risk from the DarkSword exploit, urging users to update or move to iOS 26 for stronger protection.
7 ways to improve your business resilience with backup and recovery
When your network goes down, your business stops. That’s a stark truth we see confirmed daily in incident response—and N-able’s 2026 State of the SOC Report ...
200,000 WordPress Sites Affected by Arbitrary File Move Vulnerability in MW WP Form WordPress Plugin
On March 16th, 2026, we received a submission for an Arbitrary File Move vulnerability in MW WP Form, a WordPress plugin with more than 200,000 active instal...
Cisco Smart Software Manager On-Prem Arbitrary Command Execution Vulnerability
A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an unauthenticated, remote attacker to execute arbitrary commands on the un...
Cisco Nexus Dashboard Configuration Backup REST API Unauthorized Access Vulnerability
A vulnerability in the configuration backup feature of Cisco Nexus Dashboard could allow an attacker who has the encryption password and access to Full or Co...
Cisco Nexus Dashboard and Nexus Dashboard Insights Server-Side Request Forgery Vulnerability
A vulnerability in Cisco Nexus Dashboard and Cisco Nexus Dashboard Insights could allow an unauthenticated, remote attacker to conduct a server-side request ...
Cisco Integrated Management Controller Command Injection and Remote Code Execution Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker ...
Cisco Smart Software Manager On-Prem Privilege Escalation Vulnerability
A vulnerability in the web interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to elevate privilege...
Cisco Evolved Programmable Network Manager Improper Authorization Vulnerability
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker with...
Cisco Integrated Management Controller Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow a remote attacker to conduct a cro...
Cisco Nexus Dashboard Insights Arbitrary File Write Vulnerability
A vulnerability in the Metadata update feature of Cisco Nexus Dashboard Insights could allow an authenticated, remote attacker to write arbitrary files to an...
Cisco Integrated Management Controller Authentication Bypass Vulnerability
A vulnerability in the change password functionality of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to bypas...
Trivy supply chain intrusion reportedly compromises Cisco source code
Cisco was reported to have had its source code stolen by threat actors following an attack linked to the recent supply chain attack against Aqua Security's T...
AI discovers RCE vulnerabilities in Vim and Emacs text editors
Vulnerabilities in the widely used Vim and GNU Emacs text editors, discovered with the assistance of the Claude AI, allow for remote code execution simply by...
Mutation testing for the agentic era
Code coverage is one of the most dangerous quality metrics in software testing. Many developers fail to realize that code coverage lies by omission: it measu...
Hackers Exploit Hotel Booking Systems to Send Fake Payment Requests to Guests
Hackers are increasingly targeting hotel booking workflows to trick travelers into handing over payment details, using a technique that blends real reservati...
Google Cloud’s Vertex AI Hit by Vulnerability Enabling Sensitive Data Access
Artificial intelligence agents are transforming enterprise workflows, but they also introduce dangerous new attack vectors. Security researchers from Palo Al...
Claude AI finds Vim, Emacs RCE bugs that trigger on file open
Vulnerabilities in the Vim and GNU Emacs text editors, discovered using simple prompts with the Claude assistant, allow remote code execution simply by openi...
New critical Telegram zero-click issue threatens total device compromise
Cybernews reports that Telegram for Android and Telegram Desktop for Linux have been affected by a critical zero-click vulnerability that could enable remote...