VulnCheck

The Latest

ShinyHunters Leaks Data of Udemy, Zara, 7-Eleven in Salesforce Linked Breach

ShinyHunters Leaks Data of Udemy, Zara, 7-Eleven in Salesforce Linked Breach

UNC6692 Hackers Exploit Microsoft Teams to Deploy SNOW Malware

UNC6692 Hackers Exploit Microsoft Teams to Deploy SNOW Malware

Vidar Infostealer Spreads via Fake CAPTCHAs, Hides in JPEG and TXT Files

Vidar Infostealer Spreads via Fake CAPTCHAs, Hides in JPEG and TXT Files

Microsoft Entra Agent ID Flaw Enabled Tenant Takeover via Privilege Escalation

Microsoft Entra Agent ID Flaw Enabled Tenant Takeover via Privilege Escalation

ShowDoc Vulnerability Patched in 2020 Now Used in Active Server Takeovers

Read More

3 minute read

Security

ShowDoc Vulnerability Patched in 2020 Now Used in Active Server Takeovers

Hackers are exploiting a 5-year-old ShowDoc vulnerability (CVE-2025-0520) to deploy web shells, enabling RCE and full server takeover worldwide.

April 18, 2026

The Deadly 1%: How Hackers Pick the Year’s Most Lethal Security Flaws

Read More

2 minute read

Report Finds Just 1% of Security Flaws Drive Most Cyberattacks in 2025

New VulnCheck research reveals that while thousands of CVEs are discovered yearly, only 1% drive real-world impact.

February 26, 2026

15,000 Jenkins Servers at Risk from RCE Vulnerability (CVE-2025-53652)

Read More

2 minute read

Security

15,000 Jenkins Servers at Risk from RCE Vulnerability (CVE-2025-53652)

A new report by VulnCheck exposes a critical command injection flaw (CVE-2025-53652) in the Jenkins Git Parameter plugin.…

August 8, 2025

Years Long Linux Cryptominer Spotted Using Legit Sites to Spread Malware

Read More

3 minute read

Years Long Linux Cryptominer Spotted Using Legit Sites to Spread Malware

Cryptominer campaign runs for years using legit sites to spread malware, targeting Linux systems through known bugs and avoiding detection.

July 18, 2025