news

A severe vulnerability in Apache HTTP Server's HTTP/2 module could allow attackers to crash servers or potentially execute arbitrary code, prompting urgent security updates. Published: 2026-05-05 | Author: Patrick Mattos

A severe unauthenticated remote code execution flaw in the Weaver E-cology platform is being actively exploited by threat actors, posing a significant risk to organizations relying on this enterprise collaboration tool.

Official software downloads are being weaponized to deliver malware, impacting users globally and raising concerns about the integrity of trusted software distribution channels. Published: 2026-05-05 | Author: Patrick Ma

A critical vulnerability in the MetInfo Content Management System (CMS) is being actively exploited by threat actors, enabling remote code execution and posing a significant risk to affected websites. The flaw, identifie

Organizations are increasingly vulnerable to sophisticated attacks leveraging long-lived OAuth tokens, a critical oversight in modern security strategies that bypasses traditional defenses. Published: 2026-05-05 | Author

Sophisticated threat actor UAT-8302, believed to be associated with China, has been actively targeting governmental organizations in South America and Southeastern Europe with a suite of custom and shared malware, indica