Blog

The cybersecurity world is reeling from a new zero-day vulnerability detected in firewalls, the core protection layer of corporate networks. Discovered as of May 2026 in Check Point Quantum Security Gateways (particularly in the operating systems of enterprise appliances like the 5600 series), this critical vulnerability (CVSS 9.8) allows attackers to bypass authentication mechanisms and gain administrator privileges on the device. By targeting VPN tunnels or externally expos

Google Chrome 148 Released with 127 Security Fixes Google has rolled out Chrome 148 to the stable channel for Windows, macOS, and Linux, delivering one of the browser’s most security-focused updates in recent months. The new release, version 148.0.7778.96 for Linux and 148.0.7778.96/97 for Windows and Mac, resolves a total of 127 security vulnerabilities. Among the fixed issues, three vulnerabilities are classified as Critical, while more than two dozen are rated High sever

Cloud-based application development and deployment platform Vercel has confirmed that it was targeted in a cyberattack. The company stated that the incident began with the compromise of a third-party artificial intelligence tool. Reports claiming that the stolen data was later put up for sale have made the situation even more critical. Cloud-based application development and deployment platform Vercel has confirmed that it was targeted in a cyberattack. The company stated tha

Cybersecurity researchers have discovered a new Mirai-based botnet calling itself xlabs_v1. Detected by Hunt.io on a server hosted in the Netherlands, this malware compromises internet-exposed devices, incorporating them into a DDoS-for-hire network specifically targeting gaming and Minecraft servers. The most notable feature of this botnet is that it searches for devices with the Android Debug Bridge (ADB) service left open on TCP port 5555 by default. Android TV boxes, set-

A critical "Container Escape" vulnerability that has alarmed the cybersecurity world has been reported in Kubernetes systems, the cornerstone of cloud-native architectures. This zero-day flaw, detected in early May 2026, allows attackers to break out of a restricted container environment and gain "root" (full administrative) access to the underlying Host Node. This vulnerability can have devastating consequences, especially for organizations using multi-tenant cloud environme

Google has announced expanded Binary Transparency for Android as a way to safeguard the ecosystem from supply chain attacks. "This new public ledger ensures the Google apps on your device are exactly what we intended to build and distribute," Google's product and security teams said. The initiative builds upon the foundation of Pixel Binary Transparency, which Google introduced in October 2021 to bolster software integrity by ensuring that Pixel devices are only running v

The Case for XForce AI-Powered Risk Operations Centers (X-ROC) Traditional SOC (Security Operations Center) structures have played a critical role in monitoring and responding to cyber threats for many years. However, with today's increasing digitalization, cloud adoption, complex infrastructures, and AI-driven attacks, this model has become insufficient. The most significant issue with SOCs is their reactive nature. They cannot anticipate risks before an incident occurs. Fur

Multiple critical vulnerabilities have been detected in the open-source vm2 Node.js library, which is used to run JavaScript code in a secure, isolated environment. These vulnerabilities could allow attackers to escape the sandbox environment provided by vm2 and execute arbitrary code or commands on the host server. In other words, malicious or untrusted code that is expected to be isolated by vm2 can, in some cases, bypass this protection and gain access to the underlying sy