network security
11 articles
Microsoft April 2026 Patch Tuesday: SharePoint Zero-Day CVE-2026-32201 Actively Exploited + CVSS 9.8 Windows IKE RCE Among 169 Fixes
April 15, 2026 · critical
CVE-2026-34197: 13-Year-Old Apache ActiveMQ RCE Flaw Chains with Auth Bypass — Plus 20 More Threats This Week
April 11, 2026 · high
Masjesu Botnet: The Stealthy DDoS-for-Hire Service Quietly Hijacking IoT Devices Since 2023 — Now Hitting 300 Gbps
April 8, 2026 · high
CVE-2026-34040: Docker AuthZ Plugin Bypass Lets Attackers Escape Containers and Gain Full Host Access — AI Agents Can Trigger It Automatically
April 7, 2026 · high
$285 Million Drift Hack: North Korea's UNC4736 Spent Six Months Building Trust Before Draining Everything in 10 Seconds
April 6, 2026 · critical
36 Malicious npm Packages Disguised as Strapi Plugins Exploit Redis and PostgreSQL to Deploy Persistent Implants and Reverse Shells
April 5, 2026 · critical
Microsoft Exposes Cookie-Controlled PHP Web Shells That Resurrect Themselves via Cron — A New Stealthy Linux Persistence Technique
April 4, 2026 · high
North Korea's UNC1069 Backdoored Axios npm Package — 183 Million Weekly Downloads Exposed to WAVESHAPER.V2 Backdoor
April 1, 2026 · critical
OpenAI Patches Two Critical Vulnerabilities: ChatGPT Data Exfiltration via Side Channel and Codex Command Injection Exposing GitHub Tokens
March 31, 2026 · high
CVE-2026-3055: Citrix NetScaler Critical Flaw Leaks Sensitive Memory — Patch Immediately Before Exploitation Begins
March 25, 2026 · critical
900+ FreePBX Phone Systems Hacked via Critical Command Injection Flaw
February 28, 2026 · high