Latest news

Critical CVSS 9.8 Flaw in CrowdStrike LogScale Lets Unauthenticated Attackers Read Server Files
Vulnerability

Critical CVSS 9.8 Flaw in CrowdStrike LogScale Lets Unauthenticated Attackers Read Server Files

28 April 2026 dark6

CrowdStrike has issued an emergency advisory for CVE-2026-40050, a CVSS 9.8 unauthenticated path-traversal flaw in LogScale that lets remote attackers...
Read more 0
CVSS 10.0: Critical Flowise AI Vulnerability Is Being Actively Exploited — 15,000+ Instances Still Exposed
AI

CVSS 10.0: Critical Flowise AI Vulnerability Is Being Actively Exploited — 15,000+ Instances Still Exposed

9 April 2026 dark6

A maximum-severity RCE vulnerability (CVE-2025-59528, CVSS 10.0) in the popular Flowise AI agent builder is under active attack. Over 15,000...
Read more 0
Chrome’s Fourth Zero-Day of 2026: CISA Orders Federal Agencies to Patch CVE-2026-5281 by April 15
Vulnerability

Chrome’s Fourth Zero-Day of 2026: CISA Orders Federal Agencies to Patch CVE-2026-5281 by April 15

9 April 2026 dark6

Google has patched CVE-2026-5281, a use-after-free zero-day in Chrome’s WebGPU engine already exploited in the wild. It’s the fourth Chrome...
Read more 0
A Silent Vulnerability Exposed: How Hackers Used Hidden Commands to Steal Sensitive Data
Vulnerability

A Silent Vulnerability Exposed: How Hackers Used Hidden Commands to Steal Sensitive Data

3 December 2025 dark6

Microsoft’s seemingly “unremarkable” November 2025 Patch Tuesday update actually contained a major security fix. But even the most meticulous patching...
Read more 0
FortiWeb CVE-2025-64446 PoC: a critical weapon now widely available
Vulnerability

FortiWeb CVE-2025-64446 PoC: a critical weapon now widely available

16 November 2025 dark6

The cybersecurity landscape has shifted once again, driven by the public release of a proof-of-concept exploit targeting the critical vulnerability...
Read more 0
NVIDIA NeMo Framework: a critical cascade of vulnerabilities
Vulnerability

NVIDIA NeMo Framework: a critical cascade of vulnerabilities

14 November 2025 dark6

The NVIDIA NeMo Framework, a cornerstone of conversational AI development, has recently revealed a significant and frankly concerning weakness. The...
Read more 0
Critical Roundcube vulnerability (CVE-2025-49113): exploit sold in Darknet as “Email Armageddon” looms
Vulnerability

Critical Roundcube vulnerability (CVE-2025-49113): exploit sold in Darknet as “Email Armageddon” looms

6 June 2025 securebulletin.com

A decade-old Remote Code Execution (RCE) flaw in Roundcube, the widely used open-source email client, has escalated into a global...
Read more 0
China-Linked APTs exploit critical SAP NetWeaver vulnerability to breach over 580 systems globally
Cybercrime

China-Linked APTs exploit critical SAP NetWeaver vulnerability to breach over 580 systems globally

13 May 2025 securebulletin.com

In a significant escalation of cyber-espionage activities, multiple China-affiliated advanced persistent threat (APT) groups have been found actively exploiting a...
Read more 0
MITRE Signals Critical Risk to CVE Program as Federal Funding Expires
Vulnerability

MITRE Signals Critical Risk to CVE Program as Federal Funding Expires

15 April 2025 securebulletin.com

The cybersecurity world faces a significant challenge as the Common Vulnerabilities and Exposures (CVE) program, a cornerstone of global vulnerability...
Read more 0
The Ballista Botnet: a new IoT threat with italian roots
Malware

The Ballista Botnet: a new IoT threat with italian roots

11 March 2025 securebulletin.com

Cato Networks has uncovered a sophisticated IoT botnet, dubbed Ballista, targeting TP-Link Archer routers by exploiting a two-year-old vulnerability (CVE-2023-1389)....
Read more 0
Fog’s dubious GitLab claims: investigation on instances
Ransomware

Fog’s dubious GitLab claims: investigation on instances

6 March 2025 securebulletin.com

One name that has been gaining traction since late January is Fog, a ransomware operation that has been particularly vocal...
Read more 0
A critical race condition vulnerability (CVE-2025-24118) in Apple’s macOS kernel has been discovered
Vulnerability

A critical race condition vulnerability (CVE-2025-24118) in Apple’s macOS kernel has been discovered

3 February 2025 securebulletin.com

A critical vulnerability has been identified in the macOS kernel (XNU), designated as CVE-2025-24118, which poses significant risks for users...
Read more 0