Original threat advisories covering active campaigns, real attack paths, and specific remediation guidance. Written for practitioners.
A local privilege escalation vulnerability in the Linux kernel's cryptographic subsystem (algif_aead) is now under active exploitation. CVE-2026-31431 stems from an incorrect resou
A critical vulnerability in the Linux kernel's ESP (Encapsulating Security Payload) handling allows local attackers to escalate privileges to root. Tracked as CVE-2026-43284, the f
Three actively exploited Fortinet CVEs show why firewalls and VPN appliances are high-value targets, not just protective controls. A CVSS score does not tell you whether your perimeter device is already being scanned for exploitation.
Two critical vulnerabilities in nginx-ui chain together for complete unauthenticated server takeover. Attackers are not going after nginx — they are going after the management tooling organizations layer on top of it.
CVE-2025-23419 is a vulnerability in F5 NGINX that allows attackers to bypass client certificate authentication when TLS session tickets are enabled across multiple virtual servers
CVE-2016-5195, widely known as "Dirty COW," is a race condition vulnerability in the Linux kernel's memory subsystem that allows local privilege escalation to root. The flaw exists