Latest news

CVE-2026-8178: Critical Amazon Redshift JDBC Driver Flaw Enables RCE via Malicious Connection URLs — Patch Now
Vulnerability

CVE-2026-8178: Critical Amazon Redshift JDBC Driver Flaw Enables RCE via Malicious Connection URLs — Patch Now

16 May 2026 dark6

A critical vulnerability (CVE-2026-8178) in the Amazon Redshift JDBC driver allows remote code execution through manipulated database connection URLs. The...
Read more 0
CVE-2026-44338: PraisonAI Framework Actively Exploited Within Hours of Disclosure — No Auth Required
Vulnerability

CVE-2026-44338: PraisonAI Framework Actively Exploited Within Hours of Disclosure — No Auth Required

16 May 2026 dark6

A critical authentication bypass flaw in PraisonAI's legacy API server (CVE-2026-44338) shipped with auth disabled by default, allowing unauthenticated attackers...
Read more 0
BitUnlocker: New Tool Breaks BitLocker on Patched Windows 11 Systems in Under 5 Minutes
Vulnerability

BitUnlocker: New Tool Breaks BitLocker on Patched Windows 11 Systems in Under 5 Minutes

15 May 2026 dark6

A publicly released tool called BitUnlocker demonstrates a practical downgrade attack against BitLocker on fully-patched Windows 11 machines, exploiting a...
Read more 0
CVE-2026-26083: Critical Fortinet FortiSandbox Flaw Allows Unauthenticated Remote Code Execution — Patch Now
Vulnerability

CVE-2026-26083: Critical Fortinet FortiSandbox Flaw Allows Unauthenticated Remote Code Execution — Patch Now

15 May 2026 dark6

Fortinet has disclosed CVE-2026-26083, a critical (CVSS 9.1) missing-authorization vulnerability in FortiSandbox that lets unauthenticated attackers execute arbitrary code remotely...
Read more 0
CVE-2026-43898: Critical SandboxJS Escape (CVSS 10.0) Enables Full Host Takeover via npm
Vulnerability

CVE-2026-43898: Critical SandboxJS Escape (CVSS 10.0) Enables Full Host Takeover via npm

15 May 2026 dark6

A maximum-severity (CVSS 10.0) vulnerability in the SandboxJS npm library allows attackers to completely escape the JavaScript sandbox and execute...
Read more 0
CVE-2026-32185: Microsoft Teams for Android Vulnerability Enables Local Spoofing Attacks — Patch Available
Vulnerability

CVE-2026-32185: Microsoft Teams for Android Vulnerability Enables Local Spoofing Attacks — Patch Available

14 May 2026 dark6

Microsoft has patched CVE-2026-32185, a spoofing vulnerability in Microsoft Teams for Android that allows local attackers to impersonate trusted devices...
Read more 0
Critical Exim Vulnerability (EXIM-Security-2026-05-01.1): Remote Code Execution via GnuTLS BDAT Flaw — Patch Now
Vulnerability

Critical Exim Vulnerability (EXIM-Security-2026-05-01.1): Remote Code Execution via GnuTLS BDAT Flaw — Patch Now

14 May 2026 dark6

A critical use-after-free vulnerability in Exim mail servers (versions 4.97–4.99.2 with GnuTLS) allows unauthenticated remote attackers to corrupt heap memory...
Read more 0
CISA Adds CVE-2026-32202 to KEV Catalog as APT28 Actively Exploits Zero-Click Windows Shell Flaw
Vulnerability

CISA Adds CVE-2026-32202 to KEV Catalog as APT28 Actively Exploits Zero-Click Windows Shell Flaw

13 May 2026 dark6

CISA has added CVE-2026-32202, a zero-click Windows Shell authentication coercion flaw, to its KEV catalog following confirmed active exploitation by...
Read more 0
PoC Exploit Released for Android Zero-Click CVE-2026-0073 — Silent ADB Shell Access on Android 14–16
Vulnerability

PoC Exploit Released for Android Zero-Click CVE-2026-0073 — Silent ADB Shell Access on Android 14–16

13 May 2026 dark6

A public PoC exploit for CVE-2026-0073 enables any network-local attacker to gain a full ADB shell on unpatched Android 14–16...
Read more 0
Critical Palo Alto PAN-OS Vulnerability CVE-2026-0300 Actively Exploited — Unauthenticated Root RCE on Firewalls
Vulnerability

Critical Palo Alto PAN-OS Vulnerability CVE-2026-0300 Actively Exploited — Unauthenticated Root RCE on Firewalls

13 May 2026 dark6

Palo Alto Networks is warning of a critical CVE-2026-0300 buffer overflow in PAN-OS Captive Portal that enables unauthenticated root-level remote...
Read more 0
Microsoft Patch Tuesday May 2026: 120 Vulnerabilities Fixed, Including 29 Critical RCE Flaws
Vulnerability

Microsoft Patch Tuesday May 2026: 120 Vulnerabilities Fixed, Including 29 Critical RCE Flaws

13 May 2026 dark6

Microsoft's May 2026 Patch Tuesday delivers fixes for 120 vulnerabilities including 29 Critical-rated remote code execution flaws across Windows, SharePoint,...
Read more 0
Hackers Deploy AI-Generated Zero-Day Exploit to Bypass 2FA — Google GTIG Q2 2026 Report
Vulnerability

Hackers Deploy AI-Generated Zero-Day Exploit to Bypass 2FA — Google GTIG Q2 2026 Report

12 May 2026 dark6

Google's Threat Intelligence Group reveals that cybercriminals have used AI to develop a working zero-day exploit targeting a web administration...
Read more 0