Latest news

Kali Linux 2026.1 Released: Eight New Hacking Tools, Kernel 6.18, and Enhanced Mobile Pentesting
Vulnerability

Kali Linux 2026.1 Released: Eight New Hacking Tools, Kernel 6.18, and Enhanced Mobile Pentesting

25 April 2026 dark6

Kali Linux 2026.1 has been released with eight new hacking tools including AdaptixC2, Atomic-Operator, and MetasploitMCP, alongside the Linux 6.18...
Read more 0
Microsoft Confirms Windows Server 2025 Domain Controllers Enter Reboot Loops After April 2026 Patch
Vulnerability

Microsoft Confirms Windows Server 2025 Domain Controllers Enter Reboot Loops After April 2026 Patch

25 April 2026 dark6

Microsoft has confirmed that the April 2026 cumulative update KB5082063 causes Windows Server 2025 domain controllers to enter reboot loops,...
Read more 0
Microsoft Patch Tuesday April 2026: 168 Vulnerabilities Fixed Including Actively Exploited SharePoint Zero-Day
Vulnerability

Microsoft Patch Tuesday April 2026: 168 Vulnerabilities Fixed Including Actively Exploited SharePoint Zero-Day

25 April 2026 dark6

Microsoft's April 2026 Patch Tuesday fixes a record 168 vulnerabilities, including an actively exploited SharePoint zero-day (CVE-2026-32201) and a publicly...
Read more 0
Apache ActiveMQ Classic CVE-2026-34197: 13-Year-Old Vulnerability Now Under Active Exploitation, CISA Issues Federal Patch Mandate
Vulnerability

Apache ActiveMQ Classic CVE-2026-34197: 13-Year-Old Vulnerability Now Under Active Exploitation, CISA Issues Federal Patch Mandate

23 April 2026 dark6

A high-severity deserialization flaw in Apache ActiveMQ Classic (CVE-2026-34197, CVSS 8.8) that has existed for 13 years is now being...
Read more 0
Critical Fortinet FortiClient EMS Zero-Day CVE-2026-35616 Exploited Before Official Patch Was Released
Vulnerability

Critical Fortinet FortiClient EMS Zero-Day CVE-2026-35616 Exploited Before Official Patch Was Released

22 April 2026 dark6

A critical SQL injection zero-day in Fortinet's FortiClient EMS (CVE-2026-35616) is being actively exploited in the wild. WatchTowr sensors detected...
Read more 0
Windows Defender Triple Zero-Day: BlueHammer, RedSun, and UnDefend Actively Exploited in the Wild
Vulnerability

Windows Defender Triple Zero-Day: BlueHammer, RedSun, and UnDefend Actively Exploited in the Wild

22 April 2026 dark6

Three critical zero-day vulnerabilities — BlueHammer (CVE-2026-33825), RedSun, and UnDefend — have been discovered in Windows Defender's remediation engine. All...
Read more 0
Cisco Patches Four Critical Flaws in Identity Services Engine and Webex: Unauthenticated RCE and Full User Impersonation at Risk
Vulnerability

Cisco Patches Four Critical Flaws in Identity Services Engine and Webex: Unauthenticated RCE and Full User Impersonation at Risk

21 April 2026 dark6

Cisco has patched four critical vulnerabilities in Identity Services Engine (ISE) and Webex, including an unauthenticated remote code execution flaw...
Read more 0
Critical CVE-2026-33032 (MCPwn): Actively Exploited nginx-ui Flaw Enables Full Web Server Takeover in Two HTTP Requests
Vulnerability

Critical CVE-2026-33032 (MCPwn): Actively Exploited nginx-ui Flaw Enables Full Web Server Takeover in Two HTTP Requests

21 April 2026 dark6

CVE-2026-33032 (MCPwn) is a CVSS 9.8 authentication bypass in nginx-ui being actively exploited in the wild. Attackers can seize full...
Read more 0
Fortinet FortiClientEMS Under Active Attack: Critical CVE-2026-35616 (CVSS 9.1) Added to CISA KEV Catalog
Vulnerability

Fortinet FortiClientEMS Under Active Attack: Critical CVE-2026-35616 (CVSS 9.1) Added to CISA KEV Catalog

20 April 2026 dark6

A critical improper access control vulnerability in Fortinet FortiClientEMS (CVE-2026-35616, CVSS 9.1) is being actively exploited following the publication of...
Read more 0
Critical SAP SQL Injection CVE-2026-27681 (CVSS 9.9) Exposes Financial Data in Business Planning and Warehouse Systems
Vulnerability

Critical SAP SQL Injection CVE-2026-27681 (CVSS 9.9) Exposes Financial Data in Business Planning and Warehouse Systems

19 April 2026 dark6

SAP's April 2026 Patch Day addresses CVE-2026-27681, a near-perfect CVSS 9.9 SQL injection flaw in SAP Business Planning and Consolidation...
Read more 0
Three Windows Defender Zero-Days Exploited in the Wild: BlueHammer Patched, RedSun and UnDefend Still Unpatched
Vulnerability

Three Windows Defender Zero-Days Exploited in the Wild: BlueHammer Patched, RedSun and UnDefend Still Unpatched

19 April 2026 dark6

A security researcher dropped three Windows Defender zero-day exploits in 13 days — BlueHammer (CVE-2026-33825), RedSun, and UnDefend. All three...
Read more 0
CISA Adds Apache ActiveMQ CVE-2026-34197 to KEV Catalog as Active Exploitation Surges
Vulnerability

CISA Adds Apache ActiveMQ CVE-2026-34197 to KEV Catalog as Active Exploitation Surges

18 April 2026 dark6

CISA has added CVE-2026-34197, a high-severity (CVSS 8.8) deserialization flaw in Apache ActiveMQ Classic, to its Known Exploited Vulnerabilities catalog...
Read more 0