vulnerabilities

Patch Tuesday | Feb 10, 2026

Patch Tuesday: Microsoft pushes fixes for SIX zero days – MSHTML under attack again

EOP to SYSTEM via Windows Remote Access ftw.

Security | Feb 07, 2026

European Commission’s mobile management "infrastructure" hacked - EPMM the culprit?

Dutch NCSC warns on the same day that Ivanti EPMM "abuse has taken place much more broadly than previously known - assume compromise"

Fortinet | Jan 28, 2026

Fortinet customers exploited after SSO howler

‘SSO’ means easy ‘cross-tenant pwnage’ dontcha know?

vulnerabilities | Jan 26, 2026

Microsoft 365 0day exploited: No full patch yet

Registry key chaos ftw...

Oracle | Jan 22, 2026

Oracle warns over easily exploitable CVSS 10 bug

Unpatched Fusion Middleware is how Oracle itself got hacked…

ServiceNow | Jan 14, 2026

ServiceNow AI vulnerability: Hardcoded password helped make anyone admin

Spin up rogue AI agents? All it took was a knowing an email address...

| vulnerabilities | Jan 08, 2026

Critical HPE bug exploited: Backdoor, or bad security testing?

Just an undocumented utility API exposed on a public management port without an active session requirement giving an attacker access to all your servers then?

Jan 05, 2026

A CVE explosion - and the lessons from it

8,000+ XSS bugs

vulnerabilities | Dec 28, 2025

MongoBleed exploitation: Community rallies to deliver detection logic, tools

Detection "requires somewhat complex logic which could be tricky to port into most SIEM detection engines..."

document.currentScript.parentNode.innerHTML = (parseInt(document.currentScript.closest('.iteration-container').dataset.length)).toString();