Attackers

Microsoft Released Emergency Security Updates; Patches Microsoft Office 0-Day Vulnerability

Microsoft Released Emergency Security Updates

DNS CNAME Used as Relay Attack for New Kerberos-PoC Released

A dangerous flaw in how Windows environments handle Kerberos service ticket requests one that significantly expands the practical attack surface for Kerberos relaying in Active Directory.

Cyberattack Campaign Targeted CISCO Products; Impacting Cisco AsyncOS Software; Security Updates Released

Cisco Patched Zero-Day RCE Exploited by China-Linked APT in Secure Email Gateways

SonicWall Releases Patches in Actively Exploited Privilege Escalation Vulnerability

SonicWall has released a security update to fix a privilege escalation vulnerability in the SonicWall SMA1000 Appliance Management Console (AMC) that was tricked in zero-day attacks to escalate privileges.

Apple iOS & iPadOS Patch 0-Days Vulnerabilities, Exploited in Targeted Attacks

Apple iOS & iPadOS Patch Zero-Days Vulnerabilities, Exploited in Targeted Attacks

SAP Dec 2025 Security Patch Released, Critical RCE Fixed & DoS Vulnerabilities

Critical and High severity flaws in SAP business software, includes remote code execution, code injection, DoS and other vulnerabilities

Critical Vulnerabilities Identified in React Server Components & Next.js; Due to the high severity Patching is Required

Critical React & Next.js RCE Vulnerabilities identified; Patches released .Attackers can craft malicious requests to trigger arbitrary server-side code execution in unpatched environments using default configurations.