vulnerabilities

| linux | May 04, 2026

Copy Fail exploitation has begun, and Brian Pak is sorry for the chaos

"The current coordination model really needs to be improved..."

| vulnerabilities | Apr 30, 2026

Linux bug “Copy Fail”: Short Python script gives root on… everything?

“A very stable and straightforward exploit” across distros, developed after Xint Code pointed an LLM at the Linux kernel for “about an hour”

vulnerabilities | Apr 29, 2026

The internet's control plane, cPanel is under attack

Pre-auth RCE to root with a few HTTP requests. First IOCs start landing...

Cisco | Apr 25, 2026

FIRESTARTER backdoor used for persistence on Cisco boxes in "widespread campaign

The only real way to spot the malware is memory analysis. Organisations can get a disk image by opening a Cisco Technical Assistance Center (TAC) case. Good luck, y'all.

ActiveMQ | Apr 23, 2026

Apache ActiveMQ bug chain gives pre-auth RCE, is getting exploited

Found with Claude, not in KEV yet...

| Security | Apr 16, 2026

Overstretched NIST to limit CVE enrichments

More than 100,000 CVE likely to be left without additional details after backlog reached breaking point.

| vulnerabilities | Apr 13, 2026

Adobe confirms exploitation: Malware uses undocumented API

Adobe has confirmed active exploitation of a critical vulnerability affecting Acrobat and Reader. The bug has been allocated CVE-2026-34621.

vulnerabilities | Apr 10, 2026

Adobe Reader 0day abused in wild to deliver three-stage exploit chain

Step1: An improper input sanitisation in "ANFancyAlertImpl"

| Fortinet | Apr 06, 2026

Fortinet's endpoint management software is being exploited in the wild

It's like deja vu all over again...

document.currentScript.parentNode.innerHTML = (parseInt(document.currentScript.closest('.iteration-container').dataset.length)).toString();