Cisco warns of Identity Service Engine flaw with exploit code

Cisco has patched an ISE vulnerability with public proof-of-concept exploit code that can be abused by attackers with admin ...
SecurityWeek

Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure

Analysis of a recent attack targeting VMware ESXi vulnerabilities from March 2025 revealed an exploit developed a year before ...
CSO Online

CISA flags max-severity bug in HPE OneView amid active exploitation

The flaw allows remote code execution via a public REST API, giving attackers a direct path to compromise enterprise ...
Software Engineering Institute

SEI Parser Demystifies Firmware to Fight Vulnerabilities

Software based on the Unified Extensible Firmware Interface (UEFI) standard makes up the firmware of most modern desktop computers and servers. This software is largely invisible to users, critical to ...
SecurityWeek

Critical Vulnerability Exposes n8n Instances to Takeover Attacks

CVE-2026-21858, a critical n8n vulnerability, can be exploited for unauthenticated remote code execution, leading to instance ...

The 11 runtime attacks breaking AI security — and how CISOs are stopping them

CrowdStrike's 2025 data shows attackers breach AI systems in 51 seconds. Field CISOs reveal how inference security platforms ...

This 'ZombieAgent' zero click vulnerability allows for silent account takeover - here's what we know

In December 2025, a feature called Connectors finally moved out of beta and into general availability. This feature allows ChatGPT to connect to numerous other apps, such as calendars, cloud storage, ...