CYBER Threat Intelligence Reports
LATEST CTIs
WPvivid Backup & Migration Critical RCE (CVE-2026-1357)
A critical vulnerability tracked as CVE-2026-1357 (CVSS 9.8) affects the WPvivid Backup & Migration WordPress plugin and can allow unauthenticated arbitrary file upload leading to…
Read more >
Malicious “AI Assistant” Chrome Extensions Stealing Credentials and Email Data
A malicious browser extension campaign dubbed AiFrame has been identified distributing fake AI assistant tools through the Chrome Web Store. At least 30 malicious extensions,…
Read more >
CVE-2026-21509: Actively Exploited Microsoft Office Security Bypass
CVE-2026-21509 is a zero-day security feature bypass vulnerability in Microsoft Office that has been confirmed as actively exploited in the wild. The flaw allows adversaries…
Read more >
Guidance to Address Ongoing Exploitation of Fortinet SSO Vulnerability (CVE-2026-24858)
CVE-2026-24858 is a critical authentication bypass in FortiCloud Single Sign-On (SSO) that can allow an attacker with a FortiCloud account and a registered device to…
Read more >
CVE-2024-37079: VMware vCenter Server DCERPC Heap Overflow (RCE)
CVE-2024-37079 is a critical remote code execution (RCE) vulnerability in VMware vCenter Server caused by a heap overflow in the DCERPC protocol implementation. On January…
Read more >
CVE-2026-24061: GNU Inetutils telnetd Remote Authentication Bypass
CVE-2026-24061 is a pre-authentication remote authentication bypass in GNU Inetutils telnetd. The flaw carries a Critical CVSS:3.1 severity score of 9.8 and allows an attacker…
Read more >
