latesthackingnews.com

How CVE-2026-20253 Turns Splunk’s PostgreSQL Sidecar Into an Open Door

CVE-2026-20253 is a CVSS 9.8 pre-auth flaw in Splunk Enterprise's PostgreSQL sidecar service. An unauthenticated attacker can ...

Oracle Warns PeopleSoft Customers After Critical Zero-Day Exploited

Oracle issued emergency guidance for CVE-2026-35273, a critical PeopleSoft flaw exploited in a ShinyHunters-linked campaign ...

Shift Left: How CVE-LITE CLI is Transforming Developer Security

DevSecOps is the DevOps community’s approach to bringing security into the development lifecycle. Businesses want to deliver software, but cannot afford to release unreliable or insecure applications— ...
Infosecurity-magazine.com

Navigating the Vulnerability Maze: Understanding CVE, CWE, and CVSS

The Forum of Incident Response and Security Teams (FIRST) officially launched the fourth version of the Common Vulnerability Scoring System (CVSS 4.0), in November 2023. CVSS 4.0, the industry ...
SecurityWeek

Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks

Cisco recently became aware of the exploitation of CVE-2026-20262, a Catalyst SD-WAN Manager zero-day that allows arbitrary ...
Infosecurity Magazine

Microsoft Fixes 200 CVEs in June Patch Tuesday

System administrators are in for a busy few weeks after Microsoft published updates to fix 200 vulnerabilities including ...
Ars Technica

Incomplete disclosures by Apple and Google create “huge blindspot” for 0-day hunters

Incomplete information included in recent disclosures by Apple and Google reporting critical zero-day vulnerabilities under active exploitation in their products has created a “huge blindspot” that’s ...

Explained: How ShinyHunters hacked over 100 organisations using an Oracle bug

Cybersecurity experts from Google's Threat Intelligence Group have alerted that the hacking group ShinyHunters exploited a ...