Coverage
Vulnerabilities
738 articles on vulnerability disclosures and exploits
Advertisement
CVE-2026-3893: Unauthenticated Access in Carlson VASCO-B GNSS Receiver
Critical CVE-2026-3893 in Carlson VASCO-B GNSS Receivers <1.4.0 allows unauthenticated remote alteration of critical system functions. Update to v1.4.0+.
FIRESTARTER Backdoor: Persistent Threat to Cisco Firepower & Secure Firewall
CISA and NCSC warn of FIRESTARTER, an APT-deployed backdoor maintaining persistence on Cisco Firepower and Secure Firewall devices post-patching.
Anthropic AI Agent Memory Vulnerability: Data Exposure Risks
Cisco discovered a significant memory handling vulnerability in Anthropic AI agents, risking data exposure. This highlights persistent security challenges in AI systems.
AI in Vulnerability Discovery: 360 Digital Security Group's Claims Examined
Runtime Rebel examines 360 Digital Security Group's claims of using AI to discover over 1,000 vulnerabilities, including at Tianfu Cup, and the implications for security
Analyzing the $290M DeFi Breach and macOS LotL Exploitation
An analysis of the $290 million DeFi protocol hack, macOS living-off-the-land techniques, and ProxySmart SIM farming operations identified in recent reports.
CVE-2024-23296: Apple Patches Actively Exploited Notification Flaw
Apple releases urgent security updates for iOS and iPadOS to address CVE-2024-23296, a memory corruption vulnerability in Notification Services seeing active use.
CVE-2024-38107: Microsoft Defender BlueHammer Flaw Exploited - Patch Now
CISA orders federal agencies to patch the BlueHammer zero-day, a critical Microsoft Defender privilege escalation flaw currently under active exploitation.
Anthropic Project Glasswing: The Shift to AI-Driven Zero-Day Discovery
Anthropic delays Project Glasswing after its AI model identifies critical zero-day vulnerabilities across major tech stacks, sparking a massive patching effort.
Defeating Automated Exploitation in the Collapsing Exploit Window
AI-driven automation is accelerating the exploit lifecycle. Learn how the collapsing exploit window impacts vulnerability management and automated defense.
AI Impact on Vulnerability Management: Real-World Trends and Risks
Analyze how artificial intelligence impacts vulnerability research and discovery, separating industry hype from technical reality for security professionals.
CVE-2024-21412: Microsoft Defender Zero-Day Exploitation and Analysis
Analysis of a Microsoft Defender zero-day vulnerability used to extract NTLM hashes from the SAM database and achieve system-level privileges.
CVE-2026-28950: Apple Fixes iOS Notification Data Retention Flaw
Apple patches CVE-2026-28950 in iOS and iPadOS, a logging issue that allowed deleted notifications to persist on devices, impacting forensic privacy.