Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively ...

Ivanti EPMM zero-day flaws enabled cyberattacks on Dutch, EU, and Finnish government systems, exposing employee contact and device data.

SSE often proves architecture, not risk reduction; agentless session security adds in-browser controls for SaaS, GenAI, BYOD, ...

BeyondTrust fixes CVSS 9.9 pre-auth RCE flaw (CVE-2026-1731) in Remote Support and PRA; 11,000 instances exposed.

Bloody Wolf spear-phishing campaign deploys NetSupport RAT across Uzbekistan and Russia, hitting 60+ victims and multiple ...

Microsoft links SolarWinds WHD exploits to RCE, lateral movement, and domain compromise in multi-stage attacks.

Worm-driven TeamPCP campaign exploits Docker, Kubernetes, Redis, Ray, and React2Shell to build proxy infrastructure for data theft and ransomware.

UNC3886 targeted Singapore’s telecom operators via zero-day exploits, rootkits, and VMware systems; no customer data breach confirmed.

This week’s cyber recap covers AI risks, supply-chain attacks, major breaches, DDoS spikes, and critical vulnerabilities security teams must track.

OpenClaw integrates VirusTotal Code Insight scanning for ClawHub skills following reports of malicious plugins, prompt injection & exposed instances.

Germany’s BSI and BfV warn of state-linked Signal phishing using fake support chats, PIN theft, and device linking to access ...

Key cyber updates on ransomware, cloud intrusions, phishing, botnets, supply-chain risks, and nation-state threat activity.