Category desk

Exploits

Zero-days, proof-of-concept activity, exploit chains, and emergency patch windows.

NGINX Rift CVE-2026-42945 rewrite module vulnerability diagram

NGINX “Rift” Rewrite Module Flaw Confirmed as CVE-2026-42945

CVE-2026-42945 is now tracked as a heap-based buffer overflow in NGINX's rewrite module, affecting NGINX Open Source and NGINX Plus under specific rewrite-rule conditions.

Microsoft Exchange OWA CVE-2026-42897 zero-day mitigation diagram

Microsoft Exchange Exploits

Microsoft Confirms Exploited Exchange OWA Vulnerability as CVE-2026-42897

Microsoft has disclosed CVE-2026-42897, a high-severity Exchange Server Outlook Web Access vulnerability affecting on-premises deployments, with mitigation available while a permanent fix is pending.

Cisco SD-WAN zero-day CVE-2026-20182 authentication bypass poster

Network Security Exploits

Cisco Patches Critical SD-WAN Zero-Day Exploited by Sophisticated Threat Actor

Cisco patched CVE-2026-20182, a critical Catalyst SD-WAN Controller and Manager zero-day that can let remote attackers bypass authentication and manipulate SD-WAN fabric configuration.

Latest

May 20, 2026, 3:31 PM EDT · AI Security · Claude Code13 minHow Claude Code Works Internally: From CLI Startup to Agentic Tool Execution

A practical systems-level explanation of Claude Code as a local agent runtime, covering startup, authentication, tools, permissions, sessions, MCP, plugins, and the Agent SDK.

May 18, 2026, 11:23 AM EDT · AI Security · AI Gateway Security5 minCritical Langflow Vulnerability Exposes AI Workflows and API Keys to Active Exploitation

CVE-2026-33017 exposes Langflow AI workflow builders to unauthenticated remote code execution through the public flow build endpoint.

May 18, 2026, 11:06 AM EDT · Supply Chain · Supply Chain5 minTrivy Vulnerability Turns Trusted CI/CD Scanner Into Supply Chain Secret-Stealing Threat

CVE-2026-33634 turned trusted Trivy releases and GitHub Actions into credential-stealing malware inside CI/CD pipelines and developer environments.

May 18, 2026, 10:50 AM EDT · Exploits · Exploited Vulnerability10 minThree Flaws, One Attack Chain: How SimpleHelp Became Ransomware's Favourite MSP Gateway

SimpleHelp CVE-2024-57727, CVE-2024-57726, and CVE-2024-57728 form an attack chain abused by ransomware actors against MSPs and downstream customers.