SecBlog | Cybersecurity Intelligence

2026-03-02 vulnerabilityzero-daycisco

CVE-2026-20127: Cisco SD-WAN Zero-Day Exploited Since 2023

What It Is A critical vulnerability designated as CVE-2026-20127 has been actively exploited in the wild. This flaw has a maximum CVSS severity score of 10.0 and allows an unauthenticated remote...

2026-02-23 fortigateaifirewall

AI-Assisted Hackers Compromise 600+ FortiGate Firewalls Across 55 Countries

What It Is A Russianspeaking, financially motivated threat actor is using commercial generative AI services to assist in compromising FortiGate firewalls. Amazon Threat Intelligence observed activity...

2026-01-12 data breachcredential leakbreachforums

BreachForums Database Leak Exposes 324,000 User Accounts

Why It Matters What if the details of your online persona on a dark web forum were suddenly posted for anyone to see? That is exactly what has happened on BreachForums, where a database dump exposing...

2026-01-09 cvezero-dayvmware

VMware ESXi Zero-Day CVE-2025-22226 Exploited a Year Before Disclosure

Why It Matters Serious vulnerabilities in VMware ESXi 8.0 Update3 have been observed being used in the wild, allowing attackers to break out of a virtual machine and gain control of the hypervisor...

2026-01-08 cven8nvulnerability

CVE-2026-21858: Critical Ni8mare Bug Enables Full Hijack of n8n Servers

What Happened A critical vulnerability in the popular n8n workflow automation platform tracked as CVE-2026-21858 and assigned a CVSS score of 10.0 can allow unauthenticated attackers to compromise...

2026-01-08 exchange-onlineimap4outage

Exchange Online outage disrupts IMAP4 mailbox access

What Happened Microsoft has confirmed an outage affecting Microsoft Exchange Online that intermittently blocks access to mailboxes via the IMAP4 protocol. The incident, recorded as EX1215307, was...

2025-12-26 powershellmalwarecryptomining

Fake MAS Windows Activation Domain Spreads PowerShell Malware

What It Is Cosmali Loader is a Windowsbased malware loader. Its main purpose is to download additional malicious components onto an infected system. Samples observed have been used to drop two types...

2025-12-26 password-managerdata-breachcrypto-theft

LastPass 2022 breach linked to multi-year crypto thefts, TRM Labs reports

Why It Matters When you trust a password manager with your online accounts, you expect it to keep not just your logins but also any crypto assets safe. A 2022 breach at LastPass shattered that trust...

2025-12-22 aigithubcopilot

Claude Opus4.5 Integrated Directly into GitHubCopilot

What Happened GitHub has made Anthropic's Claude Opus4.5 generally available across its paid Copilot tiers Enterprise, Business, Pro and Pro+. The new model can now be selected in CopilotChat and is...

2025-12-20 malwareloaderfileless

Cracked software and YouTube videos spread CountLoader & GachiLoader malware

What It Is CountLoader and GachiLoader are malware loaders, a type of Trojan designed to bring additional malicious code onto a victim's computer. Both are described as fileless and rely on...

Cybersecurity Intelligence Feed