| Feb 16, 2026 Microsoft Word Security Feature Bypass Vulnerability CVE-2026-21514 is a security feature bypass vulnerability in Microsoft Word due to reliance on untrusted inputs in a security decision.
| Feb 16, 2026 Windows Shell Security Feature Bypass Vulnerability CVE-2026-21510 is a Windows Shell security feature bypass vulnerability that allows an unauthorized attacker to bypass protection prompts over a network.
| Feb 9, 2026 Notepad++ Supply Chain Attack: Undetected Chains and Evolving Payloads Kaspersky researchers uncovered multiple undocumented infection chains in a supply chain attack targeting Notepad++ users from July to October 2025.
| Nov 19, 2025 Kraken Ransomware Group: Big-Game Hunting and Double Extortion Tactics This report provides a detailed investigation into the Kraken ransomware group - their operations, methods, and the broader implications for cybersecurity.
| Nov 12, 2025 Vulnerability in Simple User Capabilities Plugin Exposes WordPress Sites CVE-2025-12158 is a critical privilege escalation vuln. affecting the Simple User Capabilities WordPress plugin (all versions up to + including 1.0).
| Nov 5, 2025 Critical Vulnerability in Dataphone A920: CVE-2025-61235 Exposed CVE-2025-61235 is a critical vulnerability affecting the Dataphone A920 firmware arising from improper validation of network packet input.
| Oct 28, 2025 Critical Remote Code Execution in Oracle Marketing (E-Business Suite) CVE-2025-53072 is a critical unauthenticated RCE vulnerability affecting the Marketing Admin module of Oracle Marketing, part of Oracle E-Business Suite.
| Oct 14, 2025 Attackers Exploit Velociraptor in Sophisticated Ransomware Campaigns Cisco Talos has confirmed that ransomware operators are weaponizing Velociraptor, an open-source DFIR tool, to aid in the deployment of ransomware attacks.
| Oct 7, 2025 Google Salesforce Breach: UNC6040's Vishing and OAuth Attack Analysis In June 2025, Google’s internal Salesforce instance, used for managing SMB data, was breached in a cyberattack orchestrated by the UNC6040 threat group.
| Sep 30, 2025 AI vs. AI: Microsoft's Battle Against AI-Obfuscated Phishing Campaigns Microsoft Threat Intelligence recently shut down a credential phishing campaign employing AI to obfuscate attack payloads and evade conventional defenses.
