cybersecurity-alert

Preview image for a blog post

Cisco SD-WAN Manager Zero-Day: Exploited Months Before Disclosure, Google TAG Warns

High-severity Cisco SD-WAN flaw exploited for months as a zero-day. Google warns critical infrastructure remains at risk.
Preview image for a blog post

Gravity SMTP Plugin Zero-Day: Unauthenticated Attackers Expose WordPress API Keys (CVE-2026-4020)

Threat actors exploit Gravity SMTP WordPress plugin (CVE-2026-4020) to extract API keys, secrets, and OAuth tokens from 100,000 sites.
Preview image for a blog post

ACSC Issues Critical Alert: ClickFix Attacks Deploying Vidar Infostealer Threaten Australian Organizations

ACSC warns Australian organizations about ClickFix attacks delivering Vidar infostealer. Learn about threats, forensics, and mitigation.
Preview image for a blog post

FortiClient EMS Under Siege: Actively Exploited Zero-Day Demands Immediate Hotfix as Full Patch Looms

Fortinet users face critical zero-day exploits in FortiClient EMS. Immediate hotfix is crucial while a full patch is pending.
Preview image for a blog post

Patch Now: Chrome Flaw Under Active Attack, Google Confirms

Urgent security alert: Google confirms actively exploited Chrome zero-day enabling RCE and device compromise. Patch immediately!
Preview image for a blog post

Critical Alert: CVE-2025-32975 (CVSS 10.0) Actively Exploited in Quest KACE SMA Systems

Maximum-severity CVE-2025-32975 actively exploited in unpatched Quest KACE SMA systems, enabling full system compromise.