VulnTracker (@vuln_tracker)'s Twitter Profile
VulnTracker

@vuln_tracker

Be the company hackers skip.
Stay protected, stay boring to hackers.

Get vulnerability alerts and discuss security with the community:
t.me/vulntracker

ID: 1959962928355917824

http://vulntracker.io
25-08-2025 12:56:07

988 Tweets

582 Followers

36 Following

moshe siman tov (@moshetov)

The Axios threat actors are on the move again.

The NPM package mgc (v1.2.1-1.2.4)
Almost the same malware - but the payloads are hosted on GitHub. 
C2 is live but not yet weaponized.

Thanks abhisek (@abh1sek) for pointing this out

My blog on the Axios incident
ox.security/blog/axios-com…

VulnTracker (@vuln_tracker)

FortiClient EMS just got its second zero-day in one week. CVE-2026-35616 — pre-auth API bypass, CVSS 9.1. Exploitation started Easter weekend, before the advisory even dropped. Both CVEs are unauthenticated. Both target 7.4.5 and 7.4.6. 2,000+ instances still exposed. Full

VulnTracker (@vuln_tracker)

POV: you came to the office and got no new alerts from Vulntracker today 😎 #Cybersecurity #VulnerabilityManagement #Vulntracker #VulnerabilityIntelligence

VulnTracker (@vuln_tracker)

Adobe just shipped an emergency patch for a zero-day that attackers had been using since December 2025. 4 months in the wild. Only 13 of 64 AV engines caught the samples. Pure logic bugs — ASLR and DEP didn't matter. Just open a PDF. That's it. Full breakdown ↓

VulnTracker (@vuln_tracker)

Update: Adobe shipped the emergency patch on April 11 (APSB26-43). Acrobat/Reader DC users should be on 26.001.21411, Acrobat 2024 on 24.001.30362. Full breakdown — the exploit chain, IOCs, and why AV missed it for 4 months: vulntracker.io/blog/adobe-rea…

VulnTracker (@vuln_tracker)

🚨 Microsoft patches actively exploited SharePoint zero-day CVE-2026-32201
→ CISA added to KEV catalog immediately
→ All on-premises SharePoint versions affected
→ Echoes ToolShell campaign (400+ orgs compromised)
→ Priority 1 patch despite CVSS 6.5
Enterprise action

VulnTracker (@vuln_tracker)

CVE-2026-33032 (MCPwn) is a 27-character mistake that handed 2,689 public nginx-ui servers to anyone on the network. The patch is easy. The real story is what it tells us about every other app that bolted MCP on in the last 6 months. vulntracker.io/blog/mcpwn-ngi… #security

VulnTracker (@vuln_tracker)

Today's CVE volume by vendor & product (from our tracker):

Vendors:
1. Linux (100)
2. Uutils (44)
3. PowerDNS (22)
4. GitLab (11)
5. Red Hat (11)

Products:
1. Linux (100)
2. coreutils (44)
3. GitLab (11)
4. DNSdist (9)
5. ONE (9)

If you run coreutils or uutils-based distros,

VulnTracker (@vuln_tracker)

Introducing Daily CVE Digest: the critical vulnerabilities from the last 24h, ranked and delivered at 9am UTC.

CRITICAL + HIGH only. Sorted by active exploitation, CVSS, and EPSS. Free, email-only, no account.

Skip the noise, read the signal: vulntracker.io/digest

VulnTracker (@vuln_tracker)

Most "what is a CVE" guides are written for security analysts. Wrote one for the rest of us: engineering managers, technical founders, and IT folks who aren't full-time security people but still get tagged when something breaks. vulntracker.io/blog/what-is-a…

VulnTracker (@vuln_tracker)

Today's critical CVE highlights from our tracker:
→ Apache MINA: 2 unauthenticated RCE chains (CVE-2026-41409, 41635)
→ WordPress Directorist: privilege escalation + SQL injection
→ Totolink A8000RU: 16 (sixteen) RCEs in a single router model
→ ProjeQtor: unauth SQLi via

VulnTracker (@vuln_tracker)

732 bytes of Python. Every Linux distro since 2017. Root on the first try, no race, no per-distro tuning. Copy Fail (CVE-2026-31431) corrupts files in memory only — the on-disk file stays unchanged, so disk-based integrity checks miss it entirely. And it crosses container

VulnTracker (@vuln_tracker)

Most CopyFail write-ups are about how it is exploited. What we really need is how to remediate this vulnerability. The post below offers remediation suggestions for CopyFail. Thanks for the valuable information.