CYBER Threat Intelligence Reports
LATEST CTIs
CVE-2026-0300: Actively Exploited Palo Alto PAN-OS Vulnerability Enables Root-Level RCE
Palo Alto Networks has disclosed a critical PAN-OS vulnerability, tracked as CVE-2026-0300, affecting the User-ID Authentication Portal, also known as the Captive Portal. The flaw…
Read more >
CVE-2026-41940: Critical cPanel & WHM Authentication Bypass
A critical authentication bypass vulnerability, tracked as CVE-2026-41940, has been disclosed in cPanel & WHM, one of the most widely used web hosting control panel…
Read more >
CVE-2026-25874: Critical Hugging Face LeRobot Vulnerability Enables Unauthenticated RCE
A critical unpatched vulnerability has been disclosed in Hugging Face LeRobot, an open-source robotics platform used for AI-driven robotics research and development. The flaw, tracked…
Read more >
BlueHammer: Microsoft Defender Privilege Escalation (CVE-2026-33825)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-33825, also known as BlueHammer, to its Known Exploited Vulnerabilities (KEV) Catalog, confirming active exploitation…
Read more >
CISA Flags Actively Exploited Cisco SD-WAN Vulnerabilities (CVE-2026-20133, CVE-2026-20122, CVE-2026-20128)
CISA has added multiple Cisco Catalyst SD-WAN vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, indicating active exploitation in the wild. These flaws affect SD-WAN…
Read more >
nginx-ui Unauthenticated Takeover Vulnerability Actively Exploited (CVE-2026-33032)
CVE-2026-33032 is a critical authentication bypass vulnerability affecting nginx-ui (≤ 2.3.5). The issue arises from inconsistent security controls applied to MCP endpoints: while the /mcp…
Read more >
