All news

vulnerability

(5 articles)

May 17, 2026

NGINX CVE-2026-42945: Worker Crashes and RCE Risk

NGINX CVE-2026-42945 is being actively exploited, crashing worker processes and potentially enabling RCE. Here's what developers need to patch now.

cPanel Vulnerability Targets Government and MSP Networks

May 4, 2026

cPanel Vulnerability Targets Government and MSP Networks

A critical cPanel vulnerability is being actively exploited against government agencies and MSPs. Here's what's happening and how to protect your servers.

ThreatsDay: SMS Blasters, OpenEMR, Roblox Hacks

April 30, 2026

ThreatsDay: SMS Blasters, OpenEMR, Roblox Hacks

SMS blaster busts, OpenEMR vulnerabilities, 600K Roblox account hacks and 25 more security stories covered in this week's ThreatsDay bulletin.

LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks

March 27, 2026

LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks

Critical vulnerabilities in LangChain and LangGraph expose sensitive files, secrets, and databases - here's what AI developers need to know and fix now.

Oracle Pushes Emergency Fix for Critical Identity Manager RCE Flaw

March 20, 2026

Oracle Pushes Emergency Fix for Critical Identity Manager RCE Flaw

Oracle drops an out-of-band patch for CVE-2026-21992, a CVSS 9.8 unauthenticated RCE bug in Identity Manager and Web Services Manager. Patch now.