CVE-2026-48907 in the Joomla JCE plugin lets unauthenticated attackers drop PHP web shells with a single crafted request.

A reverse shell makes the target machine initiate the connection back to the attacker, bypassing firewalls that only filter ...

The flaw enables server-side request forgery (SSRF) and escalates privileges to root, impacting Cisco Unified CM and Unified ...

Every compelling cyberpunk story makes space for a glimmer of hope. No matter how bleak or depressing things get in a hellish ...

Threat actors are exploiting vulnerabilities in Joomla and the LiteSpeed cPanel plugin for code execution and privilege ...

Switchzilla amid reports of new serious vulnerabilities under attack. First up is a server-side request forgery bug in its Unified Communications Manager tracked as CVE-2026-20230. Cisco disclosed and ...

At the beginning of the month, Cisco patched a high-risk security vulnerability in Unified Communications Manager. Now it is ...

Attackers are targeting Cisco Catalyst SD-WAN Manager and cPanel instances with the LiteSpeed plugin. However, attacks are ...

Operation Endgame malware takedown seized 326 servers, froze $47M in criminal cryptocurrency, and recovered 27 million stolen ...

India's ED targets $20M Coinbase spoofing scam, freezing $6.8M assets while ringleader is sentenced to 60 months in US prison ...

CID's Special Investigation Team (SIT) traced the victim's funds through a complex web of 46 mule bank accounts operating ...

Actively exploited CVE-2026-5027 lets attackers write files to arbitrary locations on vulnerable Langflow servers, creating a path to remote code execution and full system compromise.