Back to Blog

#Incident Response

22 posts
SimpleHelp CVE-2026-48558 exploitation turns RMM into a credential-theft path

SimpleHelp CVE-2026-48558 exploitation turns RMM into a credential-theft path

SimpleHelp CVE-2026-48558 exploitation turns RMM into a credential-theft path SimpleHelp has moved from patched vulnerability to active intrusion path. Attacker...

July 1, 2026
9 min read
Oracle E-Business Suite CVE-2026-46817 is now an active exploitation risk

Oracle E-Business Suite CVE-2026-46817 is now an active exploitation risk

Oracle E-Business Suite CVE-2026-46817 is now an active exploitation risk Oracle E-Business Suite has another critical exposure that defenders should move out o...

June 30, 2026
8 min read
Actively exploited UniFi OS flaws turn network controllers into root-level targets

Actively exploited UniFi OS flaws turn network controllers into root-level targets

Actively exploited UniFi OS flaws turn network controllers into root-level targets CISA has added three Ubiquiti UniFi OS vulnerabilities to its Known Exploited...

June 29, 2026
7 min read
CISA's June 28 KEV deadline puts PTC Windchill and Cisco Unified CM on emergency footing

CISA's June 28 KEV deadline puts PTC Windchill and Cisco Unified CM on emergency footing

CISA's June 28 KEV deadline puts PTC Windchill and Cisco Unified CM on emergency footing CISA's latest Known Exploited Vulnerabilities update has turned Sunday,...

June 28, 2026
8 min read
Joomla JCE exploitation forces defenders beyond simple patching

Joomla JCE exploitation forces defenders beyond simple patching

Joomla JCE exploitation forces defenders beyond simple patching On Friday, June 19, 2026, defenders running Joomla sites with the JCE editor are at a deadline,...

June 19, 2026
6 min read
PAN-OS GlobalProtect auth bypass is now an incident response problem

PAN-OS GlobalProtect auth bypass is now an incident response problem

PAN-OS GlobalProtect auth bypass is now an incident response problem Palo Alto Networks has confirmed active exploitation of CVE-2026-0257, an authentication by...

June 15, 2026
6 min read
Oracle PeopleSoft alert follows breach claims at 100+ organizations

Oracle PeopleSoft alert follows breach claims at 100+ organizations

Oracle PeopleSoft alert follows breach claims at 100+ organizations Claims of mass compromise across Oracle PeopleSoft environments were already serious on June...

June 11, 2026
7 min read
GitHub breach forces GHES signing-key rotation

GitHub breach forces GHES signing-key rotation

GitHub breach forces GHES signing-key rotation | 2026 GitHub's May 2026 incident is a useful reminder that developer tooling is now part of the production trust...

June 4, 2026
6 min read
GitHub GHES Signing Key Rotation Puts Admins on the Clock

GitHub GHES Signing Key Rotation Puts Admins on the Clock

GitHub GHES Signing Key Rotation Puts Admins on the Clock Executive Summary GitHub warned on May 26, 2026 that administrators running GitHub Enterprise Server (...

May 29, 2026
6 min read
Dirty Frag Linux kernel zero-day gives local users a fast path to root

Dirty Frag Linux kernel zero-day gives local users a fast path to root

Dirty Frag Linux kernel zero-day gives local users a fast path to root Dirty Frag is the kind of Linux bug defenders worry about because it turns a limited foot...

May 10, 2026
5 min read
Dirty Frag Linux kernel zero-day gives local users a fast path to root

Dirty Frag Linux kernel zero-day gives local users a fast path to root

Dirty Frag Linux kernel zero-day gives local users a fast path to root Dirty Frag deserves attention because it is not a theoretical Linux bug waiting for slow...

May 8, 2026
5 min read
CVE-2026-0300 puts exposed PAN-OS User-ID portals on a zero-day attack path

CVE-2026-0300 puts exposed PAN-OS User-ID portals on a zero-day attack path

CVE-2026-0300 puts exposed PAN-OS User-ID portals on a zero-day attack path A critical point in the new PAN-OS warning is that defenders are not looking at a ro...

May 7, 2026
4 min read