Critical Zero-Day Wave Hits Mozilla Firefox: Sandbox Escapes & Memory Corruption Flaws Expose Millions to Remote Takeover Vulnerabilities AegironFebruary 26, 2026February 26, 202611 mins0 High-Severity CVEs (CVE-2026-2790, CVE-2026-2789, CVE-2026-2778, CVE-2026-2761) Allow Same-Origin Bypass, Use-After-Free Exploitation, and Full Sandbox Escape — Immediate…continue reading..
Critical Flaws Discovered in Caddy Web Server: Remote Code Execution and mTLS Bypass Expose Servers to Full Compromise Vulnerabilities AegironFebruary 26, 2026February 26, 202611 mins0 Product Name: CaddyVendor: Caddy Server (Open Source)Technology Stack: Go-based HTTP server and reverse proxyCore Capabilities: Automatic HTTPS…continue reading..
CVE-2026-27607: RustFS Upload Policy Bypass Opens Door to Storage Abuse and Unauthorized Object Writes Vulnerabilities AegironFebruary 26, 20269 mins0 CVE-2026-27607 CVE ID: CVE-2026-27607Product: RustFS (S3-compatible object storage)Vulnerability Type: Policy Bypass / Upload Constraint BypassAffected Versions: 1.0.0-alpha.56…continue reading..
CVE-2026-2624: Critical Authentication Bypass in Antikor NGFW Exposes Firewalls to Full Remote Takeover Vulnerabilities AegironFebruary 26, 2026February 26, 202610 mins0 CVE-2026-2624 — Antikor NGFW Authentication Bypass CVE: CVE-2026-2624Product: ePati Cyber Security Antikor Next Generation Firewall (NGFW)Affected Versions:…continue reading..
CVE-2025-62878: Critical Kubernetes Storage Flaw Lets Attackers Overwrite Host Files and Seize Cluster Control Vulnerabilities AegironFebruary 26, 2026February 26, 202610 mins0 CVE-2025-62878 Product: Rancher Local Path ProvisionerVulnerability Type: Path Traversal → Arbitrary Host File WriteSeverity: CriticalCVSS v3.1: 10.0…continue reading..
CVE-2026-20129 & CVE-2026-20127: Critical Authentication Flaws Expose Cisco Catalyst SD-WAN to Full Network Takeover Vulnerabilities AegironFebruary 26, 2026February 26, 202611 mins0 Product Details Cisco Catalyst SD-WAN Manager and Cisco Catalyst SD-WAN Controller are core components of Cisco’s SD-WAN…continue reading..
North Korea–Linked APT37 Unveils “Ruby Jumper” Malware Targeting Air-Gapped Networks CyberSecurity News CyberDefenderFebruary 26, 2026February 26, 20268 mins0 In late 2025, cybersecurity researchers at Zscaler ThreatLabz uncovered a new wave of activity attributed to APT37—a…continue reading..
Dohdoor Malware Uses DLL Sideloading and EDR Bypass to Evade Detection, Researchers Warn CyberSecurity News CyberDefenderFebruary 26, 2026February 26, 20266 mins0 In late 2025, Cisco Talos identified an active malicious campaign—Dohdoor—being deployed by a threat actor tracked as…continue reading..
Breaking: Security Researchers Warn of Rising OAuth Consent Abuse Targeting Microsoft Entra ID Tenants CyberSecurity News CyberDefenderFebruary 26, 2026February 26, 20267 mins0 OAuth (Open Authorization) is a widely adopted authorization framework that enables third-party applications to access user data…continue reading..
Microsoft Calls for Rethinking Security: New Threat Modeling Framework Targets AI-Driven Applications CyberSecurity News CyberDefenderFebruary 26, 2026February 26, 20265 mins0 Modern AI systems—especially generative models and agentic applications—change the fundamentals of how we reason about security risk.…continue reading..
