Apache HTTP Server HTTP/2 Double-Free Vulnerability Enabling DoS and RCE (CVE-2026-23918)

Scope: Apache HTTP Server 2.4.66 (mod_http2 with multi-threaded MPM)

Severity: Red

Read More

DAEMON Tools Supply Chain Attack – Official Installers Trojanized Since April 8, 2026

Scope: DAEMON Tools Lite (Versions 12.5.0.2421 – 12.5.0.2434)

Severity: Red

Read More

Quasar Linux (QLNX) Implant Targeting Developer and DevOps Environments

Scope: Linux Developer Workstations, DevOps Infrastructure (npm, PyPI, GitHub, AWS, Docker, Kubernetes)

Severity: Red

Read More

PAN-OS User-ID Authentication Portal Buffer Overflow Zero-Day Under Active Exploitation (CVE-2026-0300)

Scope: Palo Alto Networks PAN-OS (PA-Series and VM-Series Firewalls)

Severity: Red

Read More

Google Android Binary Transparency Expanded to All Production Apps

Scope: Google Android (All Production Apps and Mainline Modules)

Severity: Low

Read More

MuddyWater Iranian APT Deploying "False Flag" Ransomware via Microsoft Teams (Darkcomp RAT)

Scope: Microsoft Teams (Enterprise Environments)

Severity: Red

Read More