Microsoft released a security update in January that addresses two serious zero-day vulnerabilities in the NTFS file system. The vulnerabilities affected more than thirty versions of desktop and server operating...

A recently fixed vulnerability allowed attackers to exploit Microsoft Copilot Personal with a single click to steal sensitive user data. Using a phishing link, attackers were able to take control...

On January 12, 2026, Progress Software Corporation released patches that address two high-severity Command Injection vulnerabilities, which could allow remote attackers to execute malicious code on LoadMaster load balancers and...

A critical security flaw was recently patched by Fortinet through update releases, which significantly impacted FortiSIEM . An unauthenticated attacker could have exploited this weakness to execute arbitrary code on...

A critical flaw has been identified in ServiceNow's artificial intelligence platform, with a severity score of 9.3 out of 10. This vulnerability, classified as CVE-2025-12420, could allow attackers to impersonate...

A new flaw has emerged in the foundation of one of the most popular Java frameworks on the web. Cybersecurity experts at ZAST.AI have discovered a significant security flaw in...

The Cybersecurity and Infrastructure Security Agency (CISA) of the United States of America has raised the alarm about the active exploitation of a critical vulnerability in HPE OneView , an...

A flaw has been discovered in the foundation of the Java web ecosystem. Undertow , the high-performance web server that powers enterprise heavyweights like WildFly and JBoss EAP , has...

Backups are generally considered the last line of defense, but this week Veeam reminded us that backup systems themselves can become entry points for attacks. The company released security updates...

A new report published by the Huntress Tactical Response Team documents a highly sophisticated intrusion detected in December 2025 , in which an advanced actor managed to compromise a VMware...