Vulnerabilities
754 articles on vulnerability disclosures and exploits

OpenClaw AI Agent Flaws: Prompt Injection and Data Exfiltration Risk
CNCERT warns of critical security flaws in OpenClaw AI agents, enabling prompt injection and data exfiltration due to weak default configurations.
CVE-2024-47460: Critical HPE AOS-CX Password Reset Bypass - Patch Now
HPE Aruba Networking fixes a critical vulnerability (CVE-2024-47460) in AOS-CX switches allowing unauthenticated remote attackers to reset admin passwords.
Leveraging Community-Driven Threat Intelligence via Friday Squid Blogging
An analysis of the role of moderated community forums in cybersecurity intelligence gathering and the significance of the Bruce Schneier discussion model.
Windows 11 C: Drive Access Failure on Samsung PCs - Mitigation Guide
Microsoft investigates an issue where February 2026 Windows 11 security updates prevent C: drive access on Samsung laptops, blocking all applications.
CVE-2026-3909 & CVE-2026-3910: Actively Exploited Google Vulnerabilities
CISA added two Google vulnerabilities (Skia Out-of-Bounds Write, Chromium V8 unspecified) to its KEV Catalog due to active exploitation. Patch now.

Cisco SD-WAN vManage RCE: Fake PoCs & CVE-2023-20252 Exploitation
Threat intelligence reveals fake PoCs for Cisco SD-WAN vManage CVE-2023-20252. Understand actual RCE risks and critical patching for affected systems.

Google Cloud Attacks: Exploitation Outpaces Patching Cycles
Vulnerability exploitation, not stolen credentials, is the primary initial compromise vector for Google Cloud environments, often bypassing patching efforts.
n8n Flaw Exploitation, Slopoly Malware, AppArmor LPE: Key Threats
Analysis of recent cybersecurity threats: actively exploited n8n flaw, Slopoly malware, Linux AppArmor root privilege vulnerability, and Telus Digital breach.
Google's $17M Bug Bounty: Insights on Chrome & Cloud Security
Google paid out $17 million in bug bounties in 2025, with major rewards for Chrome and cloud security flaws. Understand the implications for enterprise defense.

CrackArmor: Nine Linux AppArmor Flaws Enable Root Escalation
Qualys researchers reveal nine CrackArmor vulnerabilities in the Linux AppArmor module, allowing unprivileged users to bypass container isolation and gain root.

Google Patches Chrome Zero-Days CVE-2026-3909 in Skia and V8
Google addresses two high-severity Chrome zero-days, including CVE-2026-3909, exploited in the wild via Skia and V8. Learn how to secure your browser now.
Chrome 146 Patch: Two Exploited Zero-Days CVE-2025-0672 and CVE-2025-0673
Google addresses two actively exploited vulnerabilities in Chrome 146. CVE-2025-0672 and CVE-2025-0673 allow data manipulation and remote code execution.