Automated Cloud Service Abuse Enables TeamPCP’s Large‑Scale Ransomware Campaign Credited by Freepik VTA-004561 – Automated Cloud Service Abuse Enables TeamPCP’s Large‑Scale Ransomware Campaign TeamPCP, also known as PCPcat or ShellForce, is a cybercrime group that launched a massive worm-like campaign … Read More
VTA
Critical SQL Injection Flaw Exposes FortiClient EMS to Remote Code Execution
Critical SQL Injection Flaw Exposes FortiClient EMS to Remote Code Execution Credited by Freepik VTA-004560 – Critical SQL Injection Flaw Exposes FortiClient EMS to Remote Code Execution Fortinet recently published a PSIRT advisory (FG-IR-25-1142) highlighting a critical security flaw in FortiClient EMS, the enterprise management server … Read More
Malicious dYdX Libraries Used to Steal Crypto Wallets via npm and PyPI
Malicious dYdX Libraries Used to Steal Crypto Wallets via npm and PyPI Credited by Freepik VTA-004559 – Malicious dYdX Libraries Used to Steal Crypto Wallets via npm and PyPI A sophisticated supply chain attack targeting dYdX, a popular decentralized finance (DeFi) … Read More
Malicious Bot Skills Signal a Shift in Crypto-Focused Attacks
Malicious Bot Skills Signal a Shift in Crypto-Focused Attacks Credited by Freepik VTA-004558 – Malicious Bot Skills Signal a Shift in Crypto-Focused Attacks ClawHavoc represents a sophisticated supply chain attack targeting the ClawHub marketplace for OpenClaw AI bots, where attackers uploaded 341 … Read More
n8n Sandbox Breach Exposes Enterprise AI Systems to Complete Takeover
n8n Sandbox Breach Exposes Enterprise AI Systems to Complete Takeover Credited by Freepik VTA-004557 – n8n Sandbox Breach Exposes Enterprise AI Systems to Complete Takeover CVE-2026-25049 represents a critical remote code execution (RCE) vulnerability in n8n, a popular open-source workflow automation platform used … Read More
From Low-Privilege Workflow to Full System Takeover in N8N
From Low-Privilege Workflow to Full System Takeover in N8N Credited by Freepik VTA-004556 – From Low-Privilege Workflow to Full System Takeover in N8N The n8n workflow automation platform, widely used to link applications, APIs and custom logic in automated business processes, was … Read More
Microsoft Releases Emergency Fix CVE-2026-21509 for Actively Exploited Office Zero-Day
Microsoft Releases Emergency Fix CVE-2026-21509 for Actively Exploited Office Zero-Day Credited by Freepik VTA-004555 – Microsoft Releases Emergency Fix CVE-2026-21509 for Actively Exploited Office Zero-Day In late January 2026, Microsoft released an emergency out-of-band patch for a serious zero-day vulnerability affecting its widely used Office suite. … Read More
Fortinet Blocks Exploited FortiCloud SSO Zero Day Vulnerability
Fortinet Blocks Exploited FortiCloudSSO Zero Day Vulnerability Credited by Freepik VTA-004554 – Fortinet Blocks Exploited FortiCloudSSO Zero Day Vulnerability Fortinet has disclosed a critical authentication bypass vulnerability in its FortiCloud SSO feature, actively exploited in the wild across FortiOS, FortiManager, … Read More
Cloudflare WAF Zero-Day Allowed Origin Server Bypass
Cloudflare WAF Zero-Day Allowed Origin Server Bypass Credited by Freepik VTA-004553 – Cloudflare WAF Zero-Day Allowed Origin Server Bypass Security researchers uncovered a critical zero-day flaw in Cloudflare’s Web Application Firewall that allowed attackers to bypass security controls and directly … Read More