CVE-2026-39808 is an OS command injection flaw in FortiSandbox that allows unauthenticated attackers to execute unauthorized code or commands via HTTP requests. It received a critical, 9.1 CVSS rating ...

Read Microsoft expert tips for CISOs on embracing strong proactive security to mitigate increased exposure to security ...

Escape, Shannon, Strix, PentAGI, and Claude against a modern vulnerable application. Learn more about their detection rates, ...

What each agent actually does (BOLA, Regression testing agent, Business logic testing agent, and others..), how they ...

A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security ...

Robinhood users faced a sophisticated phishing attack exploiting Gmail's dot alias feature. Learn how the scam worked and how to protect yourself.

Microsoft has released out-of-band (OOB) security updates to patch a critical ASP.NET Core privilege escalation vulnerability ...

Hackers rushed to target a critical LiteLLM SQL injection flaw to steal keys, credentials, and environment-variable ...

FIRESTARTER backdoor hit Cisco ASA in Sept 2025, persists after patching CVE-2025-20333, risking continued federal network ...

A critical authentication bypass in nginx-ui, a widely used open-source web interface for managing nginx servers, has been actively exploited in the wild. The vulnerability, tracked as CVE-2026-33032 ...

This week, election threats resurfaced. A prolific hacker arrested. Black Axe network disrupted. China-linked disinformation ...