CVE-2026-34939

PraisonAI is a multi-agent teams system. Prior to version 4.5.90, MCPToolIndex.searchtools compiles a caller-supplied string directly as a Python regular expression with no validation, sanitization, or timeout. A crafted regex causes catastrophic backtracking in the re engine, blocking the Python...

CVE-2025-15608

This vulnerability in AX53 v1 results from insufficient input sanitization in the device’s probe handling logic, where unvalidated parameters can trigger a stack-based buffer overflow that causes the affected service to crash and, under specific conditions, may enable remote code execution throug...

When your DDoS mitigation provider goes down: Why traffic control can’t be outsourced

Since the headline-grabbing outages of 2021, we’ve had recurring conversations with large enterprises asking some version of the same question. Do we really want our CDN, security, and routing control to live in the same place? This issue of control has become more urgent after a series of...

CVE-2026-29771

Netmaker makes networks with WireGuard. Prior to version 1.2.0, the /api/server/shutdown endpoint allows termination of the Netmaker server process via syscall.SIGINT. This allows any user to repeatedly shut down the server, causing cyclic denial of service with approximately 3-second restart...

The Future of Iran’s Internet Is More Uncertain Than Ever

Iran’s internet shutdown has reduced connectivity by 99 percent, with air strikes likely causing additional outages, and few workarounds remaining...

When Cloud Outages Ripple Across the Internet

Recent major cloud service outages have been hard to miss. High-profile incidents affecting providers such as AWS, Azure, and Cloudflare have disrupted large parts of the internet, taking down websites and services that many other systems depend on. The resulting ripple effects have halted...

PT-2026-6268

Name of the Vulnerable Software and Affected Versions apko versions 0.14.8 through 1.0.9 Description apko is a tool for building and publishing OCI container images from apk packages. A flaw exists in the expandapk.Split function where it drains the first gzip stream of an APK archive without...

Poland Thwarts Russian Wiper Malware Attack on Power Plants

Poland blocked a Russian wiper malware attack on power and heating plants, officials say, avoiding outages during winter and prompting tighter cyber rules...

XWiki's REST APIs don't enforce any limits, leading to unavailability and OOM in large wikis

Impact XWiki's REST API doesn't enforce any limits for the number of items that can be requested in a single request at the moment. Depending on the number of pages in the wiki and the memory configuration, this can lead to slowness and unavailability of the wiki. As an example, the...

Ruijie AP_RGOS 安全漏洞

Ruijie APRGOS is a general-purpose network operating system from China's Ruijie Ruijie Corporation. A security vulnerability exists in Ruijie APRGOS version 11.1.x. The vulnerability stems from a command injection in the webaction.do endpoint, which could lead to file disclosure and device outage...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a live lock issue in fuse synchronized file placement, which could make services unavailable...

Elena Lazar: Failures are Inevitable – Reliability is a Choice

Reliability engineer on why resilience must be designed, not patched, and how decades of global experience taught her to turn outages into insights...

Threat Landscape of the Building and Construction Sector Part Two: Ransomware

In this second installment of our two-part series on the construction industry, Rapid7 is looking at the specific threat ransomware poses, why the industry is particularly vulnerable, and ways in which threat actors exploit its weaknesses to great effect. You can catch up on the first part here:...

EUVD-2010-3681

Malware in sbrugna...

From Backup to Cyber Resilience: Why IT Leaders Must Rethink Backup in the Age of Ransomware

With IT outages and disruptions escalating, IT teams are shifting their focus beyond simply backing up data to maintaining operations during an incident. One of the key drivers behind this shift is the growing threat of ransomware, which continues to evolve in both frequency and complexity...

Truth Social Crashes as Trump Live-Posts Iran Bombing

The social network started experiencing global outages within minutes of Donald Trump posting details of a US military strike on Iran...

Report Warns of Sophisticated DDoS Campaigns Crippling Global Banks

A new FS-ISAC and Akamai report warns that sophisticated DDoS attacks are severely impacting the global financial sector, leading to multi-day outages. Learn about these evolving threats and how institutions can strengthen defences...

CVE-2023-23576

Incorrect behavior order in the Command Centre Server could allow privileged users to gain physical access to the site for longer than intended after a network outage when competencies are used in the access decision. This issue affects: Gallagher Command Centre: 8.90 prior to vEL8.90.1620 MR2,...

Open5GS Denial of Service Vulnerability (CNVD-2025-08796)

Open5GS is Open5GS open source an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. Open5GS suffers from a denial of service vulnerability that can be exploited by attackers to cause network outages...

X users report login troubles as Dark Storm claims cyberattack

In the early morning hours of March 10, thousands of users on X formerly Twitter began having trouble logging into the platform. It was only the first service blip of at least three to come that same day and, if one cybercriminal group is to be believed, it was all on purpose. “Twitter has been...