Tag:

critical

Safety & Security

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

by David Walker February 18, 2026

by David Walker February 18, 2026 0 comments

Ravie LakshmananFeb 18, 2026Vulnerability / Software Security Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio Code (VS Code) extensions that, if successfully exploited, could allow …

Safety & Security

Critical BeyondTrust RS vulnerability exploited in active attacks

by David Walker February 14, 2026

by David Walker February 14, 2026 0 comments

Researchers warn that a critical vulnerability patched this week in BeyondTrust Remote Support is being exploited in the wild to compromise self-hosted deployments, including Bomgar remote support appliances, which included …

Safety & Security

Ivanti patches two actively exploited critical vulnerabilities in EPMM

by David Walker January 31, 2026

by David Walker January 31, 2026 0 comments

The company advises triaging logs with the ^(?!127\.0\.0\.1:\d+ .*$).*?\/mifs\/c\/(aft|app)store\/fob\/.*?404 regular expression and looking for HTTP 404 error response codes as well as GET requests with parameters that have bash commands. …

Safety & Security

Trend Micro patches critical flaws in its Apex Central software

by David Walker January 10, 2026

by David Walker January 10, 2026 0 comments

Erik Avakian, technical counselor at Info-Tech Research Group, explained why this is an issue. “There’s a critical flaw in the management server in how one of its background services handles …

Safety & Security

Critical ‘MongoBleed’ Bug Under Active Attack, Patch Now

by David Walker January 6, 2026

by David Walker January 6, 2026 0 comments

Attackers are actively exploiting a critical vulnerability in MongoDB to steal sensitive information directly from an affected server’s memory. The attacks appear to have started on Dec. 29, barely three …

Safety & Security

Critical vulnerability in IBM API Connect could allow authentication bypass

by David Walker January 1, 2026

by David Walker January 1, 2026 0 comments

This, said Gogia, further elevates the risk. “That is not a cosmetic detail,” he noted. “Management planes define configuration truth, lifecycle control, and operational authority across the platform. When remediation …

Safety & Security

CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution

by David Walker December 31, 2025

by David Walker December 31, 2025 0 comments

Dec 30, 2026Ravie LakshmananVulnerability / Email Security The Cyber Security Agency of Singapore (CSA) has issued a bulletin warning of a maximum-severity security flaw in SmarterTools SmarterMail email software that …

Safety & Security

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

by David Walker December 26, 2025

by David Walker December 26, 2025 0 comments

Dec 26, 2025Ravie LakshmananAI Security / DevSecOps A critical security flaw has been disclosed in LangChain Core that could be exploited by an attacker to steal sensitive secrets and even …

Safety & Security

Apache Tika hit by critical vulnerability thought to be patched months ago

by David Walker December 9, 2025

by David Walker December 9, 2025 0 comments

CVE superset The maintainers have now realized that the XXE injection flaw is not limited to this module. It affects additional Tika components, namely Apache Tika tika-core, versions 1.13 to …