News about security failures, exploits and vulnerabilities in systems
Ivanti has published an urgent notice about a new security failure in its on-premises mobile device manager, Endpoint Manager Mobile (EPMM), identified as CVE-2026-6973 with a CVS…
The Australian Cybersecurity Centre (ACSC) has just warned about an active campaign using the social engineering technique known as ClickFix to induce victims to run malicious com…
Ivanti has issued an urgent warning and patches for a remote execution vulnerability of high-gravity code in its on-premises Endpoint Manager Mobile (EPMM) product, registered as …
In 2026 the greatest threat to business security is no longer just a technical explosion: is the human interaction with increasingly convincing messages created by IA. The attacke…
Data loss protection (DLP) has traditionally been seen as an endpoint and network problem: equipment installed agents, file inspection and traffic monitoring seemed sufficient. Ho…
A dozen critical vulnerabilities have replaced the focus on vm2, the Node.js library most used to run unreliable JavaScript code within a "sandbox." The failures allow from escape…
A phishing attack taking advantage of Google-sponsored ads has put in check to WordPress site administrators using ManageWP, the GoDaddy platform to manage multiple facilities fro…
Cybersecurity researchers have identified a new Mirai-derived botnet that is self-called xlabs _ v1 and that takes advantage of services from Android Debug Bridge (ADB) exposed to…
A critical failure in the sandboxing library for Node.js vm2 - registered as CVE-2026-26956- allows malicious code to escape the cage and run arbitrary commands in the host. Vulne…
