Content Paint
Search
Sign in
Membership

vulnerabiities

Security  | Mar 05, 2026
Two different CVSS 10s offer root on Cisco Secure Firewall Management Center
Two different CVSS 10s offer root on Cisco Secure Firewall Management Center

No reports yet that CVE-2026-20079 and CVE-2026-20131 are being exploited, but we happen to know Cisco 0days get quietly exploited for years.

Security  | Feb 26, 2026
Banks – and Google – open to Gemini-powered exfil via public API keys, researchers say
Banks – and Google – open to Gemini-powered exfil via public API keys, researchers say

The API keys Google told you to make public can now be used to exfiltrate data via Gemini or run up usage, says Truffle.

 |  Security  | Feb 16, 2026
Malicious servers beat zero-knowledge encryption for major cloud password managers, researchers show
Malicious servers beat zero-knowledge encryption for major cloud password managers, researchers show

Assuming a vendor is compromised (yet again), standard claims of password safety simply don't hold up, says a paper published on Monday.

Security  | Jun 24, 2025
CVE-2025-5777 – Citrix Bleed, Redux?
CVE-2025-5777 – Citrix Bleed, Redux?

That advisory got a worrying update...

Security  | Nov 08, 2024
CISA: Critical Palo Alto Networks vulnerability exploited in the wild
CISA: Critical Palo Alto Networks vulnerability exploited in the wild

Expedition, a migration tool, hit by bug that could allow attackers with network access to "access secrets, credentials, and other data".

zero day  | Aug 27, 2024
China's Volt Typhoon exploits zero-day vulnerability to zap ISPs and MSPs
ChatGPT's depiction of a Volt Typhoon

APT deploys web shell disguised as a PNG file in a bid to steal credentials and crack into customers' networks downstream.

Business  | Jul 18, 2024
Critical Cisco vulnerability CVE-2024-20419 lets unauthenticated attackers change admin passwords
Critical Cisco vulnerability CVE-2024-20419 lets unauthenticated attackers change admin passwords

"A successful exploit could allow an attacker to access the web UI or API with the privileges of the compromised user."

 |  News  | Jun 11, 2024
Network devices now riskier than endpoints, research claims
Network devices now riskier than endpoints, research claims

Study highlights devices which suffer the most vulnerabilities and warns of risks to come - including industrial robots

Business  | Apr 25, 2024
Cisco ASA zero days exploited in wild: NCSC says “pull the power plug” to avoid persistence
Cisco ASA zero days exploited in wild: NCSC says “pull the power plug” to avoid persistence

Four months of exploitation in the wild? Deep joy...

Interviews, insight, intelligence, and exclusive events for digital leaders.

© 2026 The Stack
©  2026 The Stack

Search the site
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.