cPanel & WHM and WP Squared have recently provided fixes for five critical flaws. These issues include the ability to read any file and SQL injection, which threaten server safety and data privacy. The biggest flaw found this time let anyone get into sensitive system resources without permission. CVE-2026-29205 (CVSS …
Read More »ALERT
Cisco alerts of critical SD-WAN flaw used in 0-day attacks for admin access
Cisco is alerting that a critical flaw in the Catalyst SD-WAN Controller, known as CVE-2026-20182, was used in attacks that let hackers get admin access on affected devices. CVE-2026-20182 has the highest severity score of 10.0. It affects Cisco Catalyst SD-WAN Controller and Cisco Catalyst SD-WAN Manager in both on-site and …
Read More »Palo Alto PAN-OS 0-Day Exploited: Patches released
A critical flaw in Palo Alto Networks PAN-OS is putting business firewalls at risk. It lets unverified attackers run any code they want with full control. Tracked as CVE-2026-0300 is a buffer overflow vulnerability in the User-IDâ„¢ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software which …
Read More »Ivanti Patches Multiple falws in Secure Access, Xtraction, vTM and Endpoint Manager
Ivanti has put out its May 2026 Patch Tuesday security updates. They found flaws in four products. They also said that AI tools are helping their engineers find mistakes that regular scanners miss. They warned that AI finding issues will probably lead to more flaws being reported in the future. …
Read More »Microsoft Patch Tuesday May 2026 fixed 120 flaws, Including 29 Critical RCE
Microsoft’s May 2026 Patch Tuesday brings many updates for businesses. It fixes 120 security flaws in Windows, Office, Azure, developer tools, and Microsoft 365 apps. Among these, 29 critical flaws let attackers run code from far away. Microsoft says there are no zero-days used in attacks or announced before this …
Read More »Fortinet Patches 5 Vulns Across FortiAP, FortiOS, and Enterprise Products
Fortinet patches 5 flaws on May 12, 2026 in its wireless access point controllers, network operating system, and enterprise management tools. One issue is a serious flaw that allows access without authorization in FortiSandbox. Critical Flaw in FortiSandbox The critical flaw, found is CVE-2026-26083 (FG-IR-26-136), which is a missing permission …
Read More »Zoom Rooms and Workplace vulns Expose Users to Elevated Access Attacks
A new set of flaws in Zoom’s software can let hackers take control of systems. Zoom has launched security updates to fix three different flaws in its Windows and iOS apps. The most serious of these flaws lets authorized attackers gain higher system powers, changing a regular user account into …
Read More »Patch Now! cPanel, WHM Fixes for Three New Flaws
cPanel has put out updates to fix three security issues in cPanel and Web Host Manager (WHM). These issues could allow someone to gain higher access, run code, or cause a service outage. The list of vulnerabilities is as follows: CVE-2026-29201 (CVSS score: 4.3): An insufficient input validation of the …
Read More »3 Critical Microsoft 365 Copilot flaws Expose sensitive Information
Microsoft fixed 3 critical security issues in Microsoft 365 Copilot and Copilot Chat in Microsoft Edge. These were released on May 7, 2026, and users or admins don’t need to do anything. Microsoft’s Security Response Center shared updates on CVE-2026-26129, CVE-2026-26164, and CVE-2026-33111 to show their ongoing promise of openness …
Read More »New Ivanti EPMM 0-Day Vuln Actively Exploited in attacks
Ivanti has released an important security notice for its Endpoint Manager Mobile (EPMM) product. It reveals several serious weaknesses being used by attackers, like CVE-2026-6973, and asks all EPMM users to install updates right away. Ivanti said that CVE-2026-6973 is being actively used by hackers. This issue needs admin login …
Read More »
InfoSecBulletin Cybersecurity for mankind