Friday , July 10 2026

Vulnerabilities

ALERT
Chrome update fixes 26 vulnerabilities enabling remote code execution

fixes 26

Google has launched a major security update for its Chrome browser. This update fixes 26 unique vulnerabilities that might let attackers run harmful code from a distance. The new Stable channel update brings versions 146.0.7680.153 and 146.0.7680.154 for Windows and macOS. Linux users will get version 146.0.7680.153. This important update is …

Read More »

CISA warns feds to patch max-severity Cisco flaw by Sunday

Secure Firewall

Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to fix a serious flaw, CVE-2026-20131, in Cisco Secure Firewall Management Center (FMC) by Sunday, March 22. Cisco released a security bulletin about the flaw on March 4. They told system managers to install the security updates quickly and said there …

Read More »

Bishop Fox Unveils Critical Pre-Auth SQL Injection in FortiClient EMS

Bishop Fox

Cybersecurity experts at Bishop Fox have unveiled an in-depth look at a critical vulnerability in FortiClient EMS, which is Fortinet’s central tool for managing endpoint security. This issue lets an attacker who is not logged in run any SQL commands, which could completely take over the management server and its …

Read More »

Google Alert Zero-Day For 3.5 billion Chrome Users: Forbes

zero-day

Google has released a second Chrome security update just 48 hours after the first, confirming two zero-day vulnerabilities that are being actively exploited. Google has issued an urgent security update for two zero-day vulnerabilities, CVE-2026-3909 and CVE-2026-3910. Google Confirms CVE-2026-3909 And CVE-2026-3910 are already being exploited. Although full access to the …

Read More »

ALERT
Chrome fix 29 vulnerabilities, must update immediately

Chrome

Google has released Chrome version 146 with important security updates for Windows, Mac, and Linux users. If the flaw remains unpatched, attackers run arbitrary code, compromise systems, or cause denial-of-service issues. The critical vulnerability in this release is CVE-2026-3913, which is a severe heap buffer overflow in the WebML component. …

Read More »

ALERT
Zoom Windows Workplace Vulnerabilities Allow Privilege Escalation

windows client

Zoom has issued four security bulletins detailing several vulnerabilities in its windows client suite. The critical vulnerability CVE-2026-30903 (ZSB-26005) affects the Mail feature in Zoom Workplace for Windows. The issue arises from External Control of File Name or Path, which allows attackers to manipulate file references and carry out unauthorized …

Read More »

Cisco Secure FMC Flaw Enables Remote Code Execution allowing root access 

FMC

Cisco has released an urgent security alert for a critical flaw in its Secure Firewall Management Center (FMC) software. The critical flaw with a CVSS score of 10.0 lets remote, unauthenticated attackers execute arbitrary code and take full control of the affected system. This vulnerability is found in Cisco Secure FMC’s …

Read More »

New MongoDB Vuln Allow Hackers Crash Any MongoDB Server

MongoDB

A new vulnerability, CVE-2026-25611 (CVSS 7.5), has been found in MongoDB, enabling attackers to crash open servers with little bandwidth. According to Cato CTRL, it affects all MongoDB versions where compression is enabled (v3.4+, on by default since v3.6), including MongoDB Atlas. Shodan data shows that over 207,000 MongoDB instances …

Read More »

Android update Patched 129 Vulns and Actively Exploited Zero-Day

129

Google has launched a major security update, fixing 129 vulnerabilities in the March 2026 Android Security Bulletin. This update is crucial due to reports that attackers are exploiting a high-severity flaw. The centerpiece of this month’s alert is CVE-2026-21385, a high-severity memory corruption vulnerability affecting a Qualcomm display component. Google …

Read More »

Trend Micro alerts of critical Apex One code execution flaws

Apex One

Trend Micro fixed two serious vulnerabilities in Apex One that let attackers execute remote code on affected Windows systems. Apex One is an endpoint security platform that identifies and addresses security threats like malware, spyware, and vulnerabilities. The first critical Apex One security flaw patched this week (CVE-2025-71210) is due to …

Read More »