CYBER Threat Intelligence Reports
LATEST CTIs
CVE-2026-41940: Critical cPanel & WHM Authentication Bypass
A critical authentication bypass vulnerability, tracked as CVE-2026-41940, has been disclosed in cPanel & WHM, one of the most widely used web hosting control panel…
Read more >
CVE-2026-25874: Critical Hugging Face LeRobot Vulnerability Enables Unauthenticated RCE
A critical unpatched vulnerability has been disclosed in Hugging Face LeRobot, an open-source robotics platform used for AI-driven robotics research and development. The flaw, tracked…
Read more >
BlueHammer: Microsoft Defender Privilege Escalation (CVE-2026-33825)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-33825, also known as BlueHammer, to its Known Exploited Vulnerabilities (KEV) Catalog, confirming active exploitation…
Read more >
CISA Flags Actively Exploited Cisco SD-WAN Vulnerabilities (CVE-2026-20133, CVE-2026-20122, CVE-2026-20128)
CISA has added multiple Cisco Catalyst SD-WAN vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, indicating active exploitation in the wild. These flaws affect SD-WAN…
Read more >
nginx-ui Unauthenticated Takeover Vulnerability Actively Exploited (CVE-2026-33032)
CVE-2026-33032 is a critical authentication bypass vulnerability affecting nginx-ui (≤ 2.3.5). The issue arises from inconsistent security controls applied to MCP endpoints: while the /mcp…
Read more >
CISA Flags Actively Exploited Microsoft Office and SharePoint Vulnerabilities (CVE-2009-0238, CVE-2026-32201)
CISA has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, confirming active exploitation in the wild. The inclusion of both a legacy Microsoft…
Read more >
