vulnerability
Check Point hotfixes actively exploited IKEv1 VPN bypass
Check Point hotfixes actively exploited IKEv1 VPN bypass CVE-2026-50751 is the kind of security flaw that punishes organizations for leaving legacy remote-acces...
Lucas Oliveira
Research
Cisco patches another SD-WAN zero-day after limited exploitation
Cisco patches another SD-WAN zero-day after limited exploitation Cisco has disclosed yet another actively exploited weakness in its SD-WAN stack, and the import...
Lucas Oliveira
Research
YellowKey fix lands in June baseline: patch BitLocker fleets now
YellowKey fix lands in June baseline: patch BitLocker fleets now Microsoft has now closed the patch gap for CVE-2026-45585, the public BitLocker bypass widely r...
Lucas Oliveira
Research
PAN-OS GlobalProtect auth bypass is now an incident response problem
PAN-OS GlobalProtect auth bypass is now an incident response problem Palo Alto Networks has confirmed active exploitation of CVE-2026-0257, an authentication by...
Lucas Oliveira
Research
Exchange CVE-2026-42897 patches land after active OWA exploitation
Exchange CVE-2026-42897 patches land after active OWA exploitation Microsoft has now shipped the June 2026 Exchange security updates for CVE-2026-42897, ending...
Lucas Oliveira
Research
Veeam CVE-2026-44963 puts domain-joined backup servers at RCE risk
Veeam CVE-2026-44963 puts domain-joined backup servers at RCE risk Veeam has patched CVE-2026-44963, a critical [vulnerability](https://invaders.ie/resources/gl...
Lucas Oliveira
Research
Chrome Zero-Day CVE-2026-11645 Enters KEV After Google Ships Emergency V8 Patch
Chrome Zero-Day CVE-2026-11645 Enters KEV After Google Ships Emergency V8 Patch Google has patched an actively exploited [zero-day](https://invaders.ie/resource...
Lucas Oliveira
Research
Cisco CUCM SSRF bug turns WebDialer exposure into a path toward root
Cisco CUCM SSRF bug turns WebDialer exposure into a path toward root Cisco's latest Unified Communications Manager advisory deserves attention because it turns...
Lucas Oliveira
Research
Cisco SD-WAN zero-day turns earlier auth bypass flaws into root access risk
Cisco SD-WAN zero-day turns earlier auth bypass flaws into root access risk Cisco's new CVE-2026-20245 advisory matters because it is not just another isolated...
Lucas Oliveira
Research
One-Click github.dev Attack Lets Malicious Repos Steal Full GitHub Tokens
One-Click github.dev Attack Lets Malicious Repos Steal Full GitHub Tokens | 2026 Executive Summary Security researcher Ammar Askar disclosed a one-click attack...
Lucas Oliveira
Research
FlagLeft Turns Microsoft 365 Android Apps Into a Silent Account Takeover Path
FlagLeft Turns Microsoft 365 Android Apps Into a Silent Account Takeover Path | 2026 Executive Summary Enclave disclosed a research finding it calls FlagLeft, d...
Lucas Oliveira
Research
Drupal PostgreSQL SQLi shows how SELECT-only injection becomes RCE
Drupal PostgreSQL SQLi shows how SELECT-only injection becomes RCE Lexfo's May 26, 2026 write-up on CVE-2026-9082 matters because it breaks a common defensive a...
Lucas Oliveira
Research