17+ hour, 11+ min ago  (416+ words) A critical security advisory in May 2026 for Sitefinity CMS and Sitefinity Insight, warning of multiple severe vulnerabilities that expose enterprise environments to credential theft and unauthorized access. The disclosure highlights five distinct security flaws affecting various versions of the platform,…...

17+ hour, 11+ min ago  (439+ words) A critical vulnerability has been discovered in Verizon's Voice over LTE (Vo LTE) infrastructure, exposing Session Initiation Protocol (SIP) messages to manipulation. Tracked officially as CVE-2026-10629, this security gap allows on-path attackers to intercept and alter mobile communications without detection....

17+ hour, 12+ min ago  (344+ words) With a CVSSv3 base score of 8. 0, the vulnerabilities fall into the "Important" severity range. Security updates are now available to address these flaws across all impacted product lines. The vulnerabilities were privately reported by security researcher Alexis Bernazzani from Visa Inc....

17+ hour, 16+ min ago  (438+ words) As enterprise organizations rush to integrate these agentic AI systems into their infrastructure, the attack surface is expanding at an unprecedented rate. To address these emerging threats, the Open Worldwide Application Security Project (OWASP) has released a critical new resource…...

17+ hour, 13+ min ago  (433+ words) Tracked by threat intelligence researchers under the name CL-CRI-1147, this newly identified group represents a growing trend of specialized, human-driven extortion operations. Pink officially launched its dedicated dark web leak site on May 31, 2026, signaling its readiness to shame corporate victims…...

18+ hour, 32+ min ago  (436+ words) A recently disclosed critical Redis bug allows remote attackers to take over the server via a severe Use-After-Free vulnerability in the replication subsystem. The researcher earned a $30, 000 bounty for demonstrating how the exploit exploits a synchronization flaw in master-replica communication....

20+ hour, 59+ min ago  (328+ words) The 2026 FIFA World Cup, hosted across the United States, Mexico, and Canada, is expected to be one of the largest sporting events in history. This massive global hype has created a highly lucrative environment for financially motivated threat actors. Cybercriminals…...

21+ hour ago  (350+ words) Verdant Bamboo hackers compromised a pf Sense firewall and deployed a Free BSD variant of the BRICKSTORM backdoor, giving the threat actor long-term access to a managed service provider's network. The activity was uncovered during a Volexity incident response investigation,…...

3+ day, 18+ hour ago  (381+ words) A new variant of the Gafgyt botnet, tracked as C0 XMO, is rapidly expanding its reach across multiple Linux architectures. Discovered earlier this year, this malware initially breaches systems by exploiting CVE-2021-27137, a stack buffer overflow vulnerability found in the UPn…...

3+ day, 18+ hour ago  (413+ words) Threat actors are leveraging fake software websites to distribute Reaper, a significantly updated version of the mac OS SHub Stealer. By impersonating popular applications like We Chat and Miro, cybercriminals are successfully deploying this malware to unsuspecting Mac users. The…...