Browsing: attackers

“Rapid7 MDR identified successful exploitation across numerous customers, however we did not observe any indication of successful lateral movement from…

A critical NGINX vulnerability (CVE-2026-42945) disclosed last week is being exploited by attackers, VulnCheck security researcher Patrick Garrity revealed on…

A threat actor has managed to access Grafana Labs’ GitHub environment and download the company’s codebase, the open-source observability and…

Researchers discovered the authentication bypass vulnerability while investigating a prior issue in the same service.

A new threat campaign is using RubyGems as a dead drop to store exfiltrated data, but the attacker’s long-term plans…

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary code on the…

Threat actors have separately started exploiting two critical-severity vulnerabilities in MetInfo and Weaver E-cology that allow them to execute arbitrary…

Phishing returned as the leading method attackers used to break into organizations in the first quarter of 2026, accounting for…

Ravie LakshmananApr 07, 2026Vulnerability / DevSecOps A high-severity security vulnerability has been disclosed in Docker Engine that could permit an…

Cisco has fixed ten vulnerabilities affecting its Integrated Management Controller (IMC), the most critical of which (CVE-2026-20093) could allow an…