Drupal has disclosed a critical SQL injection vulnerability in Drupal Core, tracked as CVE-2026-9082, that carries a CVSS score of 9.8. The vulnerability has been … Read More
Quick Reference – Active Vulnerabilities and Affected Software Nx Console: CVE-2026-48027 (KEV, due June 10) TanStack: CVE-2026-45321 (KEV, due June 10) Daemon Tools Lite: CVE-2026-8398 … Read More
QUICK REFERENCE – Active Vulnerabilities and Affected Software Cisco Catalyst SD-WAN Controller and Manager: CVE-2026-20182, CVE-2026-20127 Palo Alto Networks PAN-OS (User-ID Authentication Portal): CVE-2026-0300 cPanel … Read More
Quick Summary This report covers the following active vulnerabilities: Ghost CMS – CVE-2026-26980: SQL injection, mass exploitation of 700+ websites KnowledgeDeliver LMS – CVE-2026-5426: ViewState … Read More
Threat Intelligence Brief — May 25, 2026 Coverage: May 24–25, 2026 Previous reports: May 23, 2026 | May 22, 2026 | May 21, 2026 New … Read More
Threat Intelligence Brief — May 23, 2026 Coverage: May 22–23, 2026 | New CVEs this report: 7 | New supply chain incidents: 2 Previous reports: … Read More
Threat Intelligence Brief — May 22, 2026 Coverage: May 21-22, 2026 | New CVEs this report: 9 | Updated entries from previous report: 3 Previous … Read More
🔴 CVE-2026-41091 — Microsoft Defender Privilege Escalation (Actively Exploited) CVE CVE-2026-41091 | CVSS 7.8 HIGH | CWE-59 | CISA KEV — Due 2026-06-03 Fixable? ✅ … Read More
One thing I often miss in security is to see the relationship between the security program x business and the security program x IT. Currently, … Read More
I think we need to think more specifically and explicitly about security program maturity and effectiveness. So how does that work? This diagram highlights the … Read More
