Critical BeyondTrust Authentication Flaws Expose Remote Support Appliances to Attacks
BeyondTrust has disclosed multiple critical and high-severity vulnerabilities affecting its Remote Support (RS) and Privileged Remote Access (PRA) appliances...
20 articles
BeyondTrust has disclosed multiple critical and high-severity vulnerabilities affecting its Remote Support (RS) and Privileged Remote Access (PRA) appliances...
A significant security vulnerability in Google’s Gemini Live API has exposed applications to remote code execution (RCE) due to misconfigured ephemeral token...
A newly identified Iran-linked threat group, tracked as Cavern Manticore, is deploying a sophisticated modular command-and-control (C2) framework built on a ...
Microsoft has disclosed a high-severity remote code execution (RCE) vulnerability in its Chromium-based Edge browser, identified as CVE-2026-57992. This vuln...
Toronto, Canada, July 6th, 2026, CyberNewswire Most software composition analysis tools read what developers declare. Insignary Clarity’s patented binary-fir...
A rising phishing technique is exploiting a legitimate Microsoft authentication flow to hijack corporate accounts without stealing passwords. Attackers are w...
A newly discovered deserialization vulnerability, tracked as CVE-2026-44963, affects Veeam Backup & Replication. This vulnerability allows authenticated doma...
Gentlemen, a Go-based ransomware-as-a-service (RaaS) active since mid-2025, has distinguished itself with a potent combination of modern cryptography, aggres...
A critical security vulnerability in Opera GX has been disclosed, revealing that attackers could exploit the browser’s GX Mods feature to inject malicious CS...
A critical vulnerability in fast-mcp-telegram (CVE-2026-52830, GHSA-rxw2-pc8j-vxwm) allows attackers to access a Telegram MCP session over HTTP without a val...
The SilverFox advanced persistent threat (APT) group has escalated its offensive toolkit by transforming ValleyRAT from a conventional remote access trojan i...
A sophisticated email phishing campaign exploiting the global excitement around the 2026 FIFA World Cup is deceiving fans with counterfeit reward pages desig...
Microsoft has issued a warning to enterprise administrators about a critical issue affecting Windows 11 systems. This problem may cause devices to boot to a ...
IBM has disclosed several security vulnerabilities in its WebSphere Application Server that put enterprise environments at risk of cross-site scripting (XSS)...
A newly disclosed high-severity vulnerability in PHP, tracked as CVE-2026-12184, poses a significant risk to web applications by allowing a remotely triggera...
A single RedLine Stealer command-and-control (C2) indicator has revealed a focused spear-phishing campaign targeting the South Korean maritime industry, expo...
Malicious AI agent skills can be packaged to steal credentials, exfiltrate source code, and install backdoors while still bypassing many current skill-auditi...
A targeted campaign that delivers the Ousaban banking Trojan to users in Spain and Portugal using sophisticated server-side geofencing and multi-stage delive...
ModSecurity, a widely used open-source web application firewall (WAF), has multiple security vulnerabilities that allow attackers to bypass detection with sp...
A newly disclosed Linux kernel vulnerability, tracked as CVE-2026-46242 and dubbed “Bad Epoll,” exposes a critical race-condition use-after-free (UAF) flaw i...