$6.2M of the funds stolen during the SagaEVM exploit has been deposited into Tornado Cash. The January 21 exploit involved a ...

Exploit code has been published for CVE-2025-64155, a critical command injection vulnerability affecting Fortinet FortiSIEM ...

The 11-year-old vulnerability likely impacts many devices that are no longer supported — and presents easy exploit even for ...

Flow published a post-incident report on January 6, 2026, discussing the root cause of its $3.9 million exploit. An attacker exploited a Cadence runtime type confusion vulnerability to forge tokens.

JFrog this week published an analysis of a vulnerability in Redis databases that may be more serious than initially thought following the discovery of a ...

Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs Your email has been sent Volt Typhoon, a Chinese state-sponsored hacking group, has been caught ...

Fortinet has closed a critical FortiSIEM vulnerability. A proof-of-concept exploit increases the likelihood of attacks.

Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security ...

No reports of active exploitation … yet Cisco patched a bug in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) products that allows remote attackers with admin-level ...

CVE-2026-20029 in Cisco ISE/ISE-PIC allows arbitrary file reads via malicious XML uploads Exploitation requires valid admin credentials; no workarounds exist—patching is the only fix PoC exploit ...

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...

TL;DR: WinRAR has a critical security vulnerability (CVE-2025-6218) allowing remote code execution via directory traversal in Windows versions. This exploit risks sensitive data and system integrity.