Cisco SD-WAN Manager Flaw

Cisco SD-WAN Manager Flaw: Medium Severity, Real Exploitation Cisco has released security updates for an actively exploited vulnerability in Catalyst SD-WAN Manager, formerly known as SD-WAN vManage. The flaw, CVE-2026-20262, has a CVSS score of 6.5, so on paper it sits in the “medium” category. However, “medium” becomes a lot more interesting when attackers are […]

Read More

Joomla JCE Flaw Actively Exploited

Joomla JCE Flaw: Patch It, Then Check You Weren’t Already Hit CISA has warned that a critical Joomla Content Editor vulnerability is being actively exploited. The flaw, CVE-2026-48907, carries the maximum CVSS score of 10.0, which is never the sort of score you want next to your CMS plugin. The issue affects Widget Factory Joomla […]

Read More

Microsoft Defender Needs a Defender

Microsoft Confirms RoguePlanet Defender Zero-Day Microsoft confirmed it is developing a patch for RoguePlanet, a Microsoft Defender zero-day now tracked as CVE-2026-50656 with a CVSS score of 7.8. The vulnerability is an elevation-of-privilege flaw in the Microsoft Malware Protection Engine. A researcher known as Chaotic Eclipse released a proof-of-concept, describing the issue as a race […]

Read More

F5 Patches Critical NGINX Flaws

NGINX Critical Flaws: Patch Before Your Web Server Starts Freelancing F5 released patches for two critical NGINX Open Source vulnerabilities that could enable remote code execution. CVE-2026-42530 is a use-after-free issue in the HTTP/3 QUIC module affecting certain configurations. CVE-2026-42055 is a heap-based buffer overflow affecting HTTP/2 proxying or gRPC configurations with specific directives. Both […]

Read More

Shadow AI and Access Control

Shadow AI: It’s Not Just What Staff Paste In, It’s What Agents Can Do Shadow AI has evolved beyond data leakage. The real risk is now access control, because AI agents can call APIs, use credentials, access SaaS platforms, modify data and trigger workflows. Many agents are created informally through SaaS tools, browser extensions, developer […]

Read More

FortiBleed Hits FortiGate Devices

FortiBleed: When VPN Credentials Become Everyone’s Problem CISA warned Fortinet customers about FortiBleed, a large-scale campaign targeting internet-facing FortiGate devices. As of 19 June 2026, 86,644 devices were reportedly compromised. Attackers appear to be using leaked, weak and reused credentials, along with automated spraying against Fortinet remote login endpoints. The campaign has affected telecom, government […]

Read More

Legacy Infrastructure Hijacking AI Agent

Your AI Agent May Be Secure. Your Old Server Probably Isn’t. This article argues that attackers do not need to attack AI systems directly when legacy infrastructure already provides a path to compromise them. AI agents inherit access from identity providers, cloud roles, service accounts and developer environments. A chain involving an unpatched Tomcat server, […]

Read More

Squidbleed-Squid Proxy Bug

Squidbleed: The 29-Year-Old Proxy Bug That Still Had One More Trick A 29-year-old Squid proxy bug, named “Squidbleed” and tracked as CVE-2026-47729, can leak cleartext HTTP requests from other users sharing the same proxy. The flaw sits in Squid’s FTP directory-listing parser and can expose headers, credentials or session tokens if traffic is visible to […]

Read More

Check Point VPN Flaw Exploited

Check Point VPN Flaw: Passwords Optional, Apparently Check Point warned that CVE-2026-50751, a critical flaw affecting Remote Access VPN and Mobile Access deployments using deprecated IKEv1, is being actively exploited. The logic flaw in certificate validation allows unauthenticated attackers to bypass password requirements and establish VPN sessions under specific configurations. Exploitation requires remote access or […]

Read More