CSO Online

HP Poly VoIP vulnerability sets the stage for executive voice deepfakes

The remote code execution flaw enables root access and voice attacks on HP Poly VoIP phones, including eavesdropping and the ...

No fix yet for critical RCE bug in open-source Git service Gogs - exploit module is out

Researcher reported the vuln in March. Maintainers haven't responded to his messages since ...
SecurityWeek

Gogs Zero-Day Exposes Servers to Remote Code Execution

Open source Git service Gogs is affected by a critical-severity zero-day vulnerability that exposes servers to remote code execution.
The Hacker News

Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT

SideCopy targeted Afghanistan's Finance Ministry with Xeno RAT via Pashto phishing lures, enabling espionage and system ...

AI-built ransomware toolkit automates EDR evasion, AD discovery

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade ...
Infosecurity Magazine

Threat Actor Uses AI to Build EDR Evasion Tools

A threat actor has been observed using AI coding tools to develop and refine malware designed to slip past endpoint detection ...
The Hacker News

CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting Mirasvit Cache Warmer, a popular Magento full-page cache extension, to its Known Exploited ...