Advertisement

CVE-2026-48558: SimpleHelp OIDC Authentication Bypass & Malware
Threat actors are actively exploiting CVE-2026-48558, a critical SimpleHelp OpenID Connect authentication bypass vulnerability, to deploy TaskWeaver and Djinn Stealer

Djinn Stealer Targets Cloud & AI Credentials via SimpleHelp CVE-2026-48558
Analysis of Djinn Stealer, an infostealer delivered via critical SimpleHelp CVE-2026-48558, targeting cloud and AI development credentials.

Squidbleed: 29-Year-Old Squid Proxy Bug Leaks Cleartext HTTP Requests
A 29-year-old heap over-read vulnerability, dubbed 'Squidbleed,' in Squid web proxy's default configuration can leak cleartext HTTP requests and credentials.
CVE-2024-0012: Critical PAN-OS Management Interface RCE Analysis
Technical analysis of CVE-2024-0012 affecting Palo Alto Networks PAN-OS. Learn how to detect CVE-2024-0012 exploit and implement immediate mitigation steps.
CVE-2023-6110: Rogue Account Creation in SimpleHelp — Patch Now
Attackers can exploit an OIDC implementation flaw in SimpleHelp servers to create unauthorized technician accounts. Immediate update to 5.2.24 is required.

CVE-2026-0257: Palo Alto Networks PAN-OS GlobalProtect Bypass Active
Palo Alto Networks warns of active exploitation of CVE-2026-0257, an authentication bypass flaw in PAN-OS GlobalProtect. Apply critical security patches now.

CVE-2026-50751: Critical Check Point VPN Password Bypass Patch Guidance
Check Point warns of active exploitation of CVE-2026-50751, a critical logic flow flaw in IKEv1 VPN setups allowing unauthenticated password bypass.
CVE-2024-3300: Critical Everest Forms Pro Bypass Leads to Site Takeover
Hackers are actively exploiting an authentication bypass in the Everest Forms Pro WordPress plugin (CVE-2024-3300). Update immediately to prevent takeover.
Hardening Automatic Tank Gauge Systems Against Cyber Threats
CISA and partners warn of active cyber threats targeting Automatic Tank Gauge (ATG) systems. Learn to secure critical infrastructure assets now.
CVE-2026-8732: WP Maps Pro Admin Creation Vulnerability Exploited
Critical vulnerability [CVE-2026-8732] in WP Maps Pro allows unauthenticated attackers to create admin accounts, leading to WordPress site takeovers. Patch immediately.
_Sergey_Tarasov_Alamy.png?width=1280&auto=webp&quality=80&disable=upscale)
Palo Alto PAN-OS GlobalProtect VPN: Active Auth Bypass Exploitation
Urgent advisory on the active exploitation of an authentication bypass vulnerability affecting Palo Alto Networks PAN-OS GlobalProtect VPN. Patch immediately.
CVE-2024-5910: Palo Alto GlobalProtect Auth Bypass Exploited - Patch Now
Palo Alto Networks warns that attackers are exploiting CVE-2024-5910, a critical authentication bypass in GlobalProtect gateway. Learn how to secure your PAN-OS.