Security Feed
Curated advisories, threat briefs & field intel — attributed, dated & severity-tagged. Kept deliberately separate from my own writing.
1. Executive summary: Threat intelligence firm Defused reports active in-the-wild exploitation of three critical vulnerabilities in Fortinet's FortiSandbox platform (FortiSandbox,
1. Executive summary: North Korea-aligned threat actor ScarCruft (MITRE G0067, also tracked as APT37) is conducting a spear-phishing campaign against targets using
1. Executive summary: EvilTokens is a phishing-as-a-service (PhaaS) kit that compromises Microsoft 365 accounts by abusing the OAuth 2.0 device
1. Executive summary: Sekoia has documented ErrTraffic, a JavaScript-based Malware-as-a-Service (MaaS) framework injected into compromised WordPress sites to deliver ClickFix
1. Executive summary: Cisco has released a fix for CVE-2026-20262, a file-upload input-validation flaw in the web UI of Cisco
1. Executive summary: CVE-2026-20262 is a directory/path traversal vulnerability (CWE-22) in the web UI of Cisco Catalyst SD-WAN Manager
1. Executive summary: The Council of Europe has confirmed it is investigating a breach in which the ShinyHunters extortion crew claims to have stolen
1. Executive summary: Oracle has issued an out-of-band patch for CVE-2026-35273, a critical vulnerability (CVSS 9.8, IN CISA KEV
1. Executive summary: GitHub has announced that npm v12 (expected July 2026) will change three security-focused defaults to disrupt the supply-chain attack
1. Executive summary: Splunk has disclosed CVE-2026-20253, a critical (CVSS 9.8) flaw in the Splunk Enterprise PostgreSQL sidecar service that allows
1. Executive summary: OpenClaw versions prior to 2026.5.18 contain an authorization bypass vulnerability (CVE-2026-53821) in the Gateway WebSocket control plane.
1. Executive summary: The Iran-linked threat actor "Handala" claims to have compromised California Water Service (Cal Water), exfiltrating approximately 5GB of