CYBER Threat Intelligence Reports
LATEST CTIs
CISA Flags Actively Exploited Microsoft Office and SharePoint Vulnerabilities (CVE-2009-0238, CVE-2026-32201)
CISA has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, confirming active exploitation in the wild. The inclusion of both a legacy Microsoft…
Read more >
Ivanti EPMM Unauthenticated RCE Actively Exploited (CVE-2026-1340)
CVE-2026-1340 is a critical code injection vulnerability in Ivanti Endpoint Manager Mobile (EPMM) that enables unauthenticated remote code execution (RCE). The flaw has been confirmed…
Read more >
FortiClient EMS 0-Day Enables RCE (CVE-2026-35616)
Fortinet has confirmed active exploitation of CVE-2026-35616 in the wild. The vulnerability was reportedly leveraged as a zero-day prior to disclosure, indicating that attackers had…
Read more >
Axios Supply Chain Attack: Malicious npm Releases Deliver Cross-Platform Payload
A software supply chain attack has been identified impacting the widely used axios npm package. On March 31, 2026, two malicious versions, axios@1.14.1 and axios@0.30.4,…
Read more >
CVE-2026-33017: Langflow Code Injection Vulnerability
A critical vulnerability in Langflow, tracked as CVE-2026-33017, is being actively exploited in the wild and poses a serious risk to organizations using exposed self-hosted…
Read more >
Citrix NetScaler Vulnerabilities Expose Sensitive Data and Session Integrity Risks (CVE-2026-3055 & CVE-2026-4368)
Citrix has released security updates addressing two vulnerabilities in NetScaler ADC and NetScaler Gateway that may allow attackers to leak sensitive data or interfere with…
Read more >
