Microsoft disrupted StegoAd, a malicious browser extension campaign affecting up to 2.6 million users. StegoAd used hidden payloads, delayed execution and steganography to evade browser security ...

The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp.

A newly disclosed FFmpeg flaw dubbed 'PixelSmash' could be exploited for remote code execution on Jellyfin servers under ...

New activity targets CVE‑2026‑20230, an SSRF bug that can allow unauthenticated file writes and potential root‑level access ...

Kaspersky says attackers are using fake WhatsApp document attachments to run VBScript malware and install ManageEngine RMM ...

PixelSmash is a vulnerability in the FFmpeg framework that can be exploited via crafted media files for remote code execution ...

A high-severity SSRF vulnerability, tracked as CVE-2026-20230, in Cisco Unified Communications Manager Server is now being ...

Cisco Unified CM CVE-2026-20230 is under active exploitation, allowing file writes on WebDialer-enabled systems.

The flaw enables server-side request forgery (SSRF) and escalates privileges to root, impacting Cisco Unified CM and Unified ...

Learn about the tools I setup up on every new home server for remote access, container management, dashboard, and monitoring ...

A cheap, Telegram-controlled remote access trojan (RAT) dubbed Millenium RAT has infected over 60,000 Windows devices across ...