Friday , July 10 2026

Alert

CISA Alerts Apple, Craft CMS, Laravel Bugs in KEV, Patching Deadline by April 3

CISA

U.S. Cybersecurity and Infrastructure Security Agency (CISA) added five security problems affecting Apple, Craft CMS, and Laravel Livewire to its Known Exploited Vulnerabilities (KEV) list on Friday. They are telling federal agencies to fix these issues by April 3, 2026. The vulnerabilities that have come under exploitation are listed below:  …

Read More »

CVE-2026-20131
Interlock Ransomware gang exploits Cisco FMC zero-day since January

Interlock ransomware

The Interlock ransomware group has been exploiting a remote code execution (RCE) flaw in Cisco’s Secure Firewall Management Center (FMC) software in zero-day attacks since late January. Cisco fixed the security issue (CVE-2026-20131) on March 4. They warned that this flaw could let attackers run any Java code as root …

Read More »

Bishop Fox Unveils Critical Pre-Auth SQL Injection in FortiClient EMS

Bishop Fox

Cybersecurity experts at Bishop Fox have unveiled an in-depth look at a critical vulnerability in FortiClient EMS, which is Fortinet’s central tool for managing endpoint security. This issue lets an attacker who is not logged in run any SQL commands, which could completely take over the management server and its …

Read More »

ALERT
BGD CIRT warn of Botnet, APT, RAT and Malware attack during holidays

holidays

Bangladesh is preparing for a nationwide Eid holiday; on the contrary a different kind of “celebration” is occurring in the dark corners of the web. While most professionals are logging off for a well-deserved break, automated scripts are just getting started, scanning for “digital silence.” According to cyber security alert …

Read More »

Google Alert Zero-Day For 3.5 billion Chrome Users: Forbes

zero-day

Google has released a second Chrome security update just 48 hours after the first, confirming two zero-day vulnerabilities that are being actively exploited. Google has issued an urgent security update for two zero-day vulnerabilities, CVE-2026-3909 and CVE-2026-3910. Google Confirms CVE-2026-3909 And CVE-2026-3910 are already being exploited. Although full access to the …

Read More »

ALERT
Apple Unveils Emergency Updates For iOS 15.8.7 to Block ‘Coruna’ Exploit Kit

iOS 15.8.7

Apple released an urgent security update, iOS 15.8.7 and iPadOS 15.8.7, to safeguard older devices from the serious ‘Coruna’ exploit kit threat. On March 11, 2026, a critical patch was released that brings fixes from newer iOS versions to protect users of older devices from cyberattacks. The Coruna exploit kit targets …

Read More »

ALERT
Palo Alto Cortex XDR broker flaw allows systems to Information theft and modification

Cortex XDR Broker

Palo Alto Networks released a security advisory about a new vulnerability in its Cortex XDR Broker Virtual Machine (VM). CVE-2026-0231 is a medium-severity flaw that could let an attacker access and change sensitive system information. Because the Broker VM acts as a critical bridge between on-premises network assets and the …

Read More »

ALERT
Chrome fix 29 vulnerabilities, must update immediately

Chrome

Google has released Chrome version 146 with important security updates for Windows, Mac, and Linux users. If the flaw remains unpatched, attackers run arbitrary code, compromise systems, or cause denial-of-service issues. The critical vulnerability in this release is CVE-2026-3913, which is a severe heap buffer overflow in the WebML component. …

Read More »

ALERT
Zoom Windows Workplace Vulnerabilities Allow Privilege Escalation

windows client

Zoom has issued four security bulletins detailing several vulnerabilities in its windows client suite. The critical vulnerability CVE-2026-30903 (ZSB-26005) affects the Mail feature in Zoom Workplace for Windows. The issue arises from External Control of File Name or Path, which allows attackers to manipulate file references and carry out unauthorized …

Read More »