Older posts, still searchable. ← Back to recent posts
CVE-2026-0257 lets attackers fake VPN credentials without a password and walk straight into your business network. Rapid7 confirmed active exploitation across multiple customers. Here's what it means and exactly what to do.
A serious authentication bypass flaw in Palo Alto GlobalProtect VPN is being actively exploited — no password required. Here's what small businesses need to know and do right now.
Attackers are exploiting a critical FortiClient EMS vulnerability (CVE-2026-35616) to push a fake Fortinet update that silently harvests passwords, session cookies, and even credit card data from business computers. Here's what the attack looks like and how to protect your organization.
Carnival Corporation confirmed a social engineering attack exposed the personal data of nearly 6 million customers, including passport numbers, dates of birth, and email addresses. Here's what affected passengers need to do right now.
A critical vulnerability in Fortinet's FortiClient EMS (CVE-2026-35616) is being actively exploited to steal browser passwords, cookies, and credit card data — without requiring a single login credential from attackers. Here's what it is, who's affected, and what to do right now.
The FBI has issued an alert about Kali365, a phishing-as-a-service platform that hijacks Microsoft 365 accounts by abusing a legitimate Microsoft login feature — bypassing MFA entirely. Here's how it works and what your business needs to do.
Attackers are exploiting a patched Ghost CMS SQL injection flaw to silently inject malicious JavaScript into hundreds of websites — including university sites — and use them to launch ClickFix malware attacks on unsuspecting visitors. Here's what Ghost CMS is, how to check if your site runs it, and exactly what to do.
A patched Ghost CMS flaw (CVE-2026-26980) is being actively exploited to hijack hundreds of websites — including those linked to Harvard and Oxford — and turn them into malware delivery traps. Here's what site owners must do, and what everyday visitors should watch for.
CISA has added the critical Drupal SQL injection flaw CVE-2026-9082 to its Known Exploited Vulnerabilities catalog, with over 15,000 attack attempts already recorded. Here's exactly how to check if your website is vulnerable and what to do immediately.
A critical SQL injection flaw in Drupal Core is under active attack just 48 hours after patching. CISA added it to its Known Exploited Vulnerabilities catalog, and over 15,000 attacks have already been observed. If your website runs Drupal on PostgreSQL, here's what you need to know right now.
GitHub confirmed that a single employee installing a malicious VS Code extension led to the theft of ~3,800 internal repositories. Here's what happened, who's behind it, and the practical steps every developer and small business should take to protect their code and tools.
A single GitHub employee installed a trojanized VS Code extension — and attackers walked away with roughly 3,800 internal repositories. Here's what happened, who's behind it, and how to vet your own extensions before the same thing happens to you.
