Please turn JavaScript on
Find more feeds

Security Affairs

Subscribe in seconds and receive Security Affairs's news feed updates in your inbox, on your phone or even read them from your own news page here on follow.it.

You can select the updates using tags or topics and you can add as many websites to your feed as you like.

And the service is entirely free!

Follow Security Affairs: Security Affairs - Read, think, share … Security is everyone's responsibility

Is this your feed? Claim it!

Publisher:  Unclaimed!
Message frequency:  4.58 / day

Message History

U.S. CISA adds Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) 


Read full story
Critical Cisco Unified CM Bug Patched as Public Exploit Code Emerges
Cisco patched a critical Unified CM flaw with public PoC code that allows unauthenticated attackers to launch SSRF attacks remotely.

Cisco has addressed a high-severity vulnerability, tracked as CVE-2026-20230, affecting Unified CM and Unified CM SME. The flaw, caused by improper validation of certain HTTP requests, allows a remote attacker without authentication to perfo...


Read full story
Gamaredon Uses WinRAR Vulnerability to Launch Modular Spy Campaign on Ukrainian Targets
Gamaredon exploits a WinRAR flaw to drop modular, nearly fileless malware on Ukrainian targets, hiding payloads in Windows streams and resolving C2s via Telegram.

Sekoia’s Threat Detection & Research team dropped a YARA rule in late December 2025 to hunt for new initial access vectors, and by January 2026 it had already generated a dozen hits. Sekoia researchers found...


Read full story
Researcher Drops a New VS Code Zero-Day After Losing Trust in Microsoft’s Disclosure Process
A researcher publicly released a VS Code exploit within hours, citing past disputes with Microsoft over bug handling.

The security researcher Ammar Askar found a new serious zero-day in Visual Studio Code, told a contact at GitHub about it, and published a working exploit one hour later.

“Just by clicking a link, it’s possible for an attacker to steal a Git...


Read full story
29 Arrests, Nine Crime Groups Dismantled: Another Blow to Illegal Streaming
International Operation KRATOS led by Europol dismantled illegal streaming networks, leading to 29 arrests and nine crime groups taken down.

An international law enforcement operation, codenamed Operation KRATOS and involving 13 countries (Belgium, Bulgaria, Croatia, France, Greece, Ireland, Italy, the Netherlands, Poland, Romania, Spain, the UK, and the US), spent seven ...


Read full story