Resources
CISA Adds SharePoint RCE CVE-2026-45659 to KEV Catalog
Gabby Lee
July 2, 2026
CISA confirmed active exploitation of CVE-2026-45659, a CVSS 8.8 SharePoint Server deserialization flaw enabling authenticated remote code execution in enterprise environments.
Adobe’s Seven CVSS 10.0 Flaws Span ColdFusion and Campaign Classic
Andrew Doyle
July 2, 2026
Adobe patched seven maximum-severity CVSS 10.0 vulnerabilities in ColdFusion and Campaign Classic, enabling unauthenticated code execution and privilege escalation.
Qilin Ransomware Claims Canadian Manufacturer Chamco Industries
Mitchell Langley
July 2, 2026
Qilin listed Chamco Industries on its dark web extortion portal, threatening to leak stolen data in its latest attack on a Canadian manufacturing company.
Unpatched Argo CD RCE Puts Kubernetes Clusters at Risk
Gabby Lee
July 2, 2026
Synacktiv disclosed an unpatched unauthenticated RCE in Argo CD's repo-server component that can lead to full Kubernetes cluster takeover with no fix currently available.
DuneSlide Flaws Let Prompt Injection Break Cursor AI Sandbox
Mitchell Langley
July 2, 2026
Cato AI Labs disclosed CVE-2026-50548 and CVE-2026-50549 in Cursor IDE, CVSS 9.8 flaws enabling zero-click prompt injection to escape the sandbox and execute system commands.
Citrix Patches Six NetScaler Flaws Including HTTP/2 Bomb Vector
Gabby Lee
July 2, 2026
Citrix patched six NetScaler ADC and Gateway vulnerabilities including a new HTTP/2 Bomb denial-of-service vector and information disclosure flaws similar to the CitrixBleed session token ...
Attackers Hit Oracle EBS CVE-2026-46817 Days After Patch
Andrew Doyle
June 30, 2026
Oracle E-Business Suite CVE-2026-46817 (CVSS 9.8) is under active attack, with honeypots logging crafted XML payloads targeting the /OA_HTML endpoint.
Apple Patches 30+ Flaws as AI Systems Earn WebKit CVE Credit
Gabby Lee
June 30, 2026
Apple's iOS 26.2 and macOS Tahoe 26.2 updates patch 30-plus flaws, including four WebKit vulnerabilities co-discovered by OpenAI and Anthropic AI systems.
Working Exploit Published for LoadMaster CVE-2026-8037 RCE
Andrew Doyle
June 30, 2026
watchTowr Labs published a working exploit for CVE-2026-8037, a pre-authentication root RCE in Progress Kemp LoadMaster, weeks after patches were released.
SimpleHelp CVE-2026-48558 Exploited to Deploy Djinn Stealer
Mitchell Langley
June 30, 2026
Attackers exploited SimpleHelp's OIDC authentication bypass CVE-2026-48558 to deploy Djinn Stealer and TaskWeaver within 13 days of initial disclosure.
Weekly Newsletter
Weekly Cybersecurity Newsletter: 14th to 18th August
Andrew Doyle
July 19, 2025
Explore our latest cybersecurity podcast episodes featuring ransomware attacks, phishing campaigns, corporate breaches, legal showdowns, and deep dives into evolving threats and digital defenses.
This Week In Cybersecurity: 23rd June to 27th June
Andrew Doyle
June 30, 2025
News Stories New ‘FileFix’ Attack Exploits Windows File Explorer to Deliver Stealthy Commands Threat actors use the search-ms URI protocol ...
This Week In Cybersecurity: 26th to 30th May, 2025
Andrew Doyle
May 30, 2025
"Cybersecurity threats escalate as ransomware attacks target major organizations, exposing sensitive data and highlighting vulnerabilities in systems across various industries. Stay informed."
This Week In Cybersecurity: 19th to 23rd May, 2025
Andrew Doyle
May 23, 2025
This week, significant cybersecurity incidents include ransomware attacks, data breaches affecting major organizations, and ongoing threats from state-sponsored groups, highlighting vulnerabilities across various sectors.
This Week In Cybersecurity: 21st – 25th April, 2025
Andrew Doyle
April 25, 2025
Targeted malware, ransomware, phishing, and ad fraud hit SK Telecom, Baltimore schools, Google, and more this week—exposing critical data and abusing trusted systems.
Trending
Daily Briefing Newsletter
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.














