Trend Micro Apex One Directory Traversal Zero-Day Added to CISA KEV (CVE-2026-34926)

Scope: Trend Micro Apex One On-Premises (Server and Agent Builds Below 17079)

Severity: High

Read More

Ghost CMS SQL Injection Actively Exploited in Large-Scale ClickFix Campaign (CVE-2026-26980)

Scope: Ghost CMS Versions 3.24.0 to 6.19.0

Severity: Red

Read More

npm Security Hardening Advisory: 2FA-Gated Staged Publishing and Install Source Controls Now Available

Scope: npm Ecosystem (All Package Maintainers and CI/CD Pipelines)

Severity: High

Read More

Ghost CMS SQL Injection Actively Exploited in Large-Scale ClickFix Campaign (CVE-2026-26980)

Scope: Ghost CMS Versions 3.24.0 to 6.19.0

Severity: Red

Read More

MiniPlasma – Windows Cloud Files Mini Filter Driver Zero-Day Bypasses 2020 Patch, Grants SYSTEM Access

Scope: Windows 11 and Windows Server 2022, 2025, 2026 (All Fully Patched Builds as of May 2026)

Severity: Red

Read More

DirtyDecrypt (DirtyCBC) – Linux Kernel rxgk Missing COW Guard Grants Root Access (CVE-2026-31635)

Scope: Linux Kernel with CONFIG_RXGK Enabled (Fedora, Arch Linux, openSUSE Tumbleweed)

Severity: Red

Read More