soc

Google has released emergency Chrome updates to address a Chrome zero-day vulnerability, a high-severity out-of-bounds read/write issue in the V8 JavaScript engine. Google says an exploit exists in the wild, and the patched Stable builds are rolling out as 149.0.7827.102.103 for Windows and Mac and 149.0.7827.102 for Linux. Public reporting says the flaw can be […]

Organizations continue to face elevated risk from edge-device flaws that can hand attackers an initial foothold without valid credentials. CVE-2026-50751 is a critical authentication bypass issue in Check Point VPN Remote Access and Mobile Access that allows a remote, unauthenticated attacker to establish a VPN session without a valid user password. According to public reporting, […]

CVE-2026-11645: Exploited Chrome V8 Bug Enables In-Browser Code Execution CVE-2026-11645 is a high-severity Google Chrome zero-day in the V8 JavaScript/WebAssembly engine caused by an out-of-bounds (OOB) read/write condition. Google has confirmed it is aware that an exploit exists in the wild, making this an urgent patching item for any organization running Chrome on desktop endpoints. […]

CISA KEV Highlights LiteLLM RCE (CVE-2026-42271) & Check Point VPN Auth Bypass (CVE-2026-50751) CISA added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog on June 8, 2026: CVE-2026-42271 in BerriAI LiteLLM and CVE-2026-50751 in Check Point Security Gateway. Both issues affect high-value parts of modern enterprise environments. LiteLLM often sits between users, applications, and […]

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-7473 Arista Extensible Operating System Incomplete Comparison with Missing Factors Vulnerability CVE-2026-11645 Google Chromium V8 Out-of-Bounds Read and Write Vulnerability CVE-2026-20245 Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability These types of vulnerabilities […]

Shai-Hulud Hades PyPI Campaign: 19 Packages Trojanized via Wheel Startup Hooks A PyPI supply-chain campaign in the Shai-Hulud / Mini Shai-Hulud / Miasma lineage compromised 19 Python packages by shipping trojanized wheel artifacts. Researchers observed 37 malicious wheels that add a Python startup hook (*.pth) to trigger code execution, then bootstrap a Bun runtime to […]