Friday , July 10 2026

Alert

Cisco and Splunk patches for multiple flaws: Update now

Splunk

Splunk has put out security updates for many flaws in Splunk Enterprise, Splunk Cloud Platform, and the Splunk AI Toolkit. These issues could cause denial-of-service (DoS) attacks and expose sensitive information. The flaws revealed on May 20, 2026, have three known weaknesses: CVE-2026-20238, CVE-2026-20239, and CVE-2026-20240. Organizations should quickly apply …

Read More »

ALERT
Trend Micro warns of zero-day exploit in Apex One: CISA adds to KEV

Apex One

Trend Micro has fixed a security hole in Apex One that was used in attacks on Windows systems. Tracked as CVE-2026-34926, a directory traversal vulnerability in the Apex One (on-premise) server which could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to …

Read More »

“nginx-poolslip” NGINX 0-Day Affects Millions of NGINX Servers To RCE

nginx-poolslip

A security flaw dubbed nginx-poolslip has been revealed in NGINX version 1.31.0, the newest stable version of the most used web server software. The discovery, made by security researcher Vega of the NebSec security team, was announced via X (formerly Twitter) on May 21, 2026, sending shockwaves through the global …

Read More »

CVE-2024-12802
Incomplete patching allows hackers to bypass SonicWall VPN MFA

VPN

Threat actors guessed VPN passwords and got around multi-factor authentication (MFA) on SonicWall Gen6 SSL-VPN devices to use tools for ransomware attacks. During the break-ins, the hacker spent 30 to 60 minutes logging in, checking the network, testing old passwords in internal systems, and logging out. SonicWall said in a …

Read More »

OpenClaw Flaws Expose 245,000 Public AI Agent Servers

OpenClaw

A series of four security flaws found in OpenClaw, a rapidly growing open-source platform for self-operating AI agents, has put about 245,000 public server instances at risk of being hacked, having credentials stolen, and being installed with secret backdoors. Originally started as “Clawdbot” in late 2025, OpenClaw links big language …

Read More »