Vulnerability

13 minute read

Top AI-Powered Vendor Risk Management Platforms for SaaS Companies in 2026

Top AI-powered vendor risk platforms for SaaS companies in 2026, compare tools, features, and how to choose the…

byOwais Sultan

April 29, 2026

Pack2TheRoot: 12-Year-Old Linux PackageKit Flaw Enables Full Compromise

3 minute read

Security

Pack2TheRoot: 12-Year-Old Linux PackageKit Flaw Enables Full Compromise

Security experts have found a high-severity flaw named Pack2TheRoot in PackageKit that allows hackers to gain full root access on multiple Linux distributions.

byDeeba Ahmed

April 28, 2026

2 minute read

Microsoft Entra Agent ID Flaw Enabled Tenant Takeover via Privilege Escalation

Microsoft Entra Agent ID flaw allowed privilege escalation and tenant takeover via Service Principal abuse, now fully patched by Microsoft.

byDeeba Ahmed

April 26, 2026

3 minute read

Hackers Use Hidden Website Instructions in New Attacks on AI Assistants

Cybersecurity researchers at Forcepoint uncover new indirect prompt injection attacks that use hidden website code to exploit AI assistants like GitHub Copilot.

byDeeba Ahmed

April 23, 2026

Microsoft Vulnerabilities Hit Record High, Critical Flaws Decline, Report Find

3 minute read

Microsoft Vulnerabilities Drop, But Critical Flaws Double, Report Warns

Microsoft vulnerabilities fall, but critical flaws double, BeyondTrust report highlights rising risk in Microsoft Office, Azure, and cloud systems.

byDeeba Ahmed

April 21, 2026

ShowDoc Vulnerability Patched in 2020 Now Used in Active Server Takeovers

3 minute read

Security

ShowDoc Vulnerability Patched in 2020 Now Used in Active Server Takeovers

Hackers are exploiting a 5-year-old ShowDoc vulnerability (CVE-2025-0520) to deploy web shells, enabling RCE and full server takeover worldwide.

byDeeba Ahmed

April 18, 2026

New Mirai-based Nexcorium Malware Hijacks Security Cameras for DDoS Attacks

3 minute read

New Mirai Variant Nexcorium Hijacks DVR Devices for DDoS Attacks

Cybersecurity researchers at Fortinet have discovered Nexcorium, a new Mirai-based malware targeting TBK DVR systems to turn them into a botnet for DDoS attacks.

byDeeba Ahmed

April 17, 2026

3 minute read

13.5M Device Botnet Drives 2 Tbps DDoS Attacks on FinTech, Qrator Finds

A new Qrator Labs report reveals that the largest DDoS botnet has grown to 13.5 million devices, and…

byDeeba Ahmed

April 15, 2026

2 minute read

wolfSSL Vulnerability Hits IoT, Routers and Military Systems, Update to 5.9.1 Now

Critical wolfSSL flaw CVE-2026-5194 allows digital ID forgery across billions of devices, update to version 5.9.1 to fix the issue and reduce risk.

byDeeba Ahmed

April 14, 2026

Why Your Deprecated Endpoints Are an Attacker’s Best Friend: The Rise of Ghost APIs

8 minute read

Security

Why Your Deprecated Endpoints Are an Attacker’s Best Friend: The Rise of Ghost APIs

Ghost APIs are deprecated endpoints left active, exposing systems to attack. Learn how they differ from shadow APIs and why they create hidden security risks

byArunkumar Mathiyazhagan

April 13, 2026

The Latest

Top AI-Powered Vendor Risk Management Platforms for SaaS Companies in 2026

New DHL Phishing Scam Uses 11-Step Attack Chain to Steal Passwords

Decoding Q1 2026’s $152.9 Billion Crypto Custody Concentration

Pack2TheRoot: 12-Year-Old Linux PackageKit Flaw Enables Full Compromise

Vulnerability

Top AI-Powered Vendor Risk Management Platforms for SaaS Companies in 2026

Pack2TheRoot: 12-Year-Old Linux PackageKit Flaw Enables Full Compromise

Microsoft Entra Agent ID Flaw Enabled Tenant Takeover via Privilege Escalation

Hackers Use Hidden Website Instructions in New Attacks on AI Assistants

Microsoft Vulnerabilities Drop, But Critical Flaws Double, Report Warns

ShowDoc Vulnerability Patched in 2020 Now Used in Active Server Takeovers

New Mirai Variant Nexcorium Hijacks DVR Devices for DDoS Attacks

13.5M Device Botnet Drives 2 Tbps DDoS Attacks on FinTech, Qrator Finds

wolfSSL Vulnerability Hits IoT, Routers and Military Systems, Update to 5.9.1 Now

Why Your Deprecated Endpoints Are an Attacker’s Best Friend: The Rise of Ghost APIs

BreachLock Named Representative Vendor in the 2026 Gartner Market Guide for Adversarial Exposure Validation

The Ungoverned Workforce: Cybersecurity Insiders Finds 92% Lack Visibility Into AI Identities

Security Risk Advisors Purple Team Participants Can Now Earn CPE Credits

Mallory Launches AI-Native Threat Intelligence Platform, Turning Global Threat Data Into Prioritized Action

AI Future: The Leading International AI and Web3 Forum to Take Place in April