Latest news

Critical Exim Vulnerability (EXIM-Security-2026-05-01.1): Remote Code Execution via GnuTLS BDAT Flaw — Patch Now
Vulnerability

Critical Exim Vulnerability (EXIM-Security-2026-05-01.1): Remote Code Execution via GnuTLS BDAT Flaw — Patch Now

14 May 2026 dark6

A critical use-after-free vulnerability in Exim mail servers (versions 4.97–4.99.2 with GnuTLS) allows unauthenticated remote attackers to corrupt heap memory...
Read more 0
CISA Adds CVE-2026-32202 to KEV Catalog as APT28 Actively Exploits Zero-Click Windows Shell Flaw
Vulnerability

CISA Adds CVE-2026-32202 to KEV Catalog as APT28 Actively Exploits Zero-Click Windows Shell Flaw

13 May 2026 dark6

CISA has added CVE-2026-32202, a zero-click Windows Shell authentication coercion flaw, to its KEV catalog following confirmed active exploitation by...
Read more 0
PoC Exploit Released for Android Zero-Click CVE-2026-0073 — Silent ADB Shell Access on Android 14–16
Vulnerability

PoC Exploit Released for Android Zero-Click CVE-2026-0073 — Silent ADB Shell Access on Android 14–16

13 May 2026 dark6

A public PoC exploit for CVE-2026-0073 enables any network-local attacker to gain a full ADB shell on unpatched Android 14–16...
Read more 0
Critical Palo Alto PAN-OS Vulnerability CVE-2026-0300 Actively Exploited — Unauthenticated Root RCE on Firewalls
Vulnerability

Critical Palo Alto PAN-OS Vulnerability CVE-2026-0300 Actively Exploited — Unauthenticated Root RCE on Firewalls

13 May 2026 dark6

Palo Alto Networks is warning of a critical CVE-2026-0300 buffer overflow in PAN-OS Captive Portal that enables unauthenticated root-level remote...
Read more 0
Microsoft Patch Tuesday May 2026: 120 Vulnerabilities Fixed, Including 29 Critical RCE Flaws
Vulnerability

Microsoft Patch Tuesday May 2026: 120 Vulnerabilities Fixed, Including 29 Critical RCE Flaws

13 May 2026 dark6

Microsoft's May 2026 Patch Tuesday delivers fixes for 120 vulnerabilities including 29 Critical-rated remote code execution flaws across Windows, SharePoint,...
Read more 0
Hackers Deploy AI-Generated Zero-Day Exploit to Bypass 2FA — Google GTIG Q2 2026 Report
Vulnerability

Hackers Deploy AI-Generated Zero-Day Exploit to Bypass 2FA — Google GTIG Q2 2026 Report

12 May 2026 dark6

Google's Threat Intelligence Group reveals that cybercriminals have used AI to develop a working zero-day exploit targeting a web administration...
Read more 0
Let’s Encrypt Halts All Certificate Issuance After Cross-Signed Root Certificate Incident
Vulnerability

Let’s Encrypt Halts All Certificate Issuance After Cross-Signed Root Certificate Incident

11 May 2026 dark6

Let's Encrypt temporarily suspended all certificate issuance on May 8, 2026, after engineers identified a critical issue with a cross-signed...
Read more 0
Microsoft Patches Three Critical Information Disclosure Vulnerabilities in Microsoft 365 Copilot and Edge
Vulnerability

Microsoft Patches Three Critical Information Disclosure Vulnerabilities in Microsoft 365 Copilot and Edge

11 May 2026 dark6

Microsoft has disclosed and fully remediated three critical information disclosure vulnerabilities — CVE-2026-26129, CVE-2026-26164, and CVE-2026-33111 — affecting Microsoft 365...
Read more 0
Three Critical cPanel and WHM Vulnerabilities Enable Code Execution, File Reads, and DoS Attacks
Vulnerability

Three Critical cPanel and WHM Vulnerabilities Enable Code Execution, File Reads, and DoS Attacks

11 May 2026 dark6

cPanel has disclosed three critical security vulnerabilities — CVE-2026-29201, CVE-2026-29202, and CVE-2026-29203 — affecting its widely deployed cPanel & WHM...
Read more 0
Five Critical Redis Vulnerabilities Enable Remote Code Execution Across All Editions — Patch Now
Vulnerability

Five Critical Redis Vulnerabilities Enable Remote Code Execution Across All Editions — Patch Now

10 May 2026 dark6

Redis has disclosed five high-severity vulnerabilities (CVE-2026-23479, CVE-2026-25243, CVE-2026-25588, CVE-2026-25589, CVE-2026-23631) affecting Redis Cloud, Redis Software, and all open-source community...
Read more 0
WatchGuard Agent Vulnerabilities Allow Attackers to Escalate to Full SYSTEM Privileges on Windows
Vulnerability

WatchGuard Agent Vulnerabilities Allow Attackers to Escalate to Full SYSTEM Privileges on Windows

10 May 2026 dark6

WatchGuard has released urgent security updates patching four high-severity vulnerabilities in the WatchGuard Agent for Windows, including chained CVE-2026-6787 and...
Read more 0
Critical Next.js and React Server Components Vulnerabilities: SSRF, DoS, and Middleware Bypass Patched
Vulnerability

Critical Next.js and React Server Components Vulnerabilities: SSRF, DoS, and Middleware Bypass Patched

9 May 2026 dark6

Vercel has released a sweeping set of security advisories for Next.js addressing more than a dozen vulnerabilities including denial-of-service, SSRF...
Read more 0