Hackers exploit unpatched Gogs zero-day to breach 700 servers

An unpatched zero-day vulnerability in Gogs, a popular self-hosted Git service, has enabled attackers to gain remote code ...

Why a secure software development life cycle is critical for manufacturers

Recent supply-chain breaches show how attackers exploit development tools, compromised credentials, and malicious NPM ...
Infosecurity Magazine

Log4Shell Downloaded 40 Million Times in 2025

Sonatype has claimed that 13% of Log4j versions downloaded this year were vulnerable to the legacy critical Log4Shell bug ...
Techzine Europe

Is React2Shell the new Log4Shell?

React Server Components contains a vulnerability that can be exploited on a large scale. To what extent is it similar to the ...
The Hacker News

Application Containment: How to Use Ringfencing to Prevent the Weaponization of Trusted Software

The challenge facing security leaders is monumental: Securing environments where failure is not an option. Reliance on traditional security postures, such as Endpoint Detection and Response (EDR) to ...
SecurityWeek

Fortinet Confirms Active Exploitation of Critical FortiWeb Vulnerability

Security firms say the flaw has been actively exploited for weeks, even as Fortinet quietly shipped fixes and CISA added the bug to its KEV catalog. Fortinet on Friday warned of an exploited FortiWeb ...