Get the daily digest
A compact daily briefing of the highest-signal cybersecurity stories, in your inbox. Email digest is coming soon.
Daily cybersecurity intelligence
The latest unpatched intel.
Raw, actionable daily security news for defenders tracking exploited vulnerabilities, ransomware, breaches, malware, cloud risk, supply-chain security, and practical detection guidance.
Latest stories
/
Unauthorized Access Threat to Industrial Control Systems via Brickcom Camera Vulnerability
A recent advisory from CISA highlights a vulnerability in Brickcom Cameras that could allow unauthorized access to industrial control systems.
Unpatched Vulnerability Exposes Brickcom Cameras to Unauthorized Live Video Access
A significant vulnerability (CVE-2026-50245) has been identified in Brickcom's Cube cameras, allowing unauthenticated access to live video feeds via the `/ONVIF` endpoint.
Critical Path Traversal Flaw in Langflow Exploited, Immediate Upgrade Advised
A critical path traversal vulnerability in the AI development platform Langflow (CVE-2026-5027) is being actively exploited.
Exploited Ivanti Sentry Vulnerability Grants Root Access to Attackers
Attackers are exploiting a high-severity command injection vulnerability in Ivanti Sentry, allowing them to execute code with root privileges on exposed secure mobile gateways.
Microsoft Fixes Critical XSS Flaw in Exchange Server Actively Exploited by Threat Actors
Microsoft has patched an actively exploited vulnerability in Exchange Server that allows threat actors to execute arbitrary JavaScript code via cross-site scripting (XSS) attacks.
Microsoft Fixes Critical Zero-Days Allowing SYSTEM Privileges and BitLocker Bypass
Microsoft recently patched three zero-day vulnerabilities-GreenPlasma, MiniPlasma, and YellowKey-that could allow attackers to gain SYSTEM privileges or bypass BitLocker protection on Windows systems.
Microsoft's June Patch Tuesday Unveils 206 Fixes: Urgent Patch Needed for Self-Spreading Vulnerability
Microsoft's June Patch Tuesday delivered an unprecedented 206 security fixes, with AI playing a significant role in vulnerability discovery.
Remote Code Execution and Unauthorized Admin Account Creation in Ivanti Sentry Expose Critical Security Risks
Critical vulnerabilities in Ivanti Sentry have been disclosed, allowing remote unauthenticated attackers to execute arbitrary commands with root privileges (CVE-2026-10520) and create administrative a
Unauthenticated Access Vulnerability Patched by ServiceNow After Anomalous Activity Detected
ServiceNow has patched a vulnerability that allowed unauthenticated users to access more than intended in certain circumstances.
Unpatched Fortinet Flaw Enables Arbitrary Code Execution for Attackers
A critical vulnerability in Fortinet's FortiSandbox allows unauthenticated attackers to execute arbitrary commands via crafted HTTP requests.
Actively Exploited Arista EOS Vulnerability Threatens High-Performance Switches, No Patch Planned
A vulnerability in Arista's Extensible Operating System (EOS) has been actively exploited without a planned patch.
Critical Authentication Bypass in Check Point VPN Exploited by Ransomware Group
A critical vulnerability in Check Point's VPN products has been exploited since May 7, allowing attackers to bypass authentication.