CWE-200 - Exposure of Sensitive Information is a cwe tracked across 50 threat clusters and 1458 intelligence report mentions on ThreatCluster. First observed April 14, 2026; most recent activity July 17, 2026.
Cisco has disclosed a critical authentication bypass vulnerability, CVE-2026-20182, affecting its Catalyst SD-WAN Controller and Manager. This flaw allows unauthenticated remote attackers to bypass authentication and…
A critical command injection vulnerability, CVE-2026-42271, in LiteLLM, an open-source AI gateway, allows unauthenticated remote code execution (RCE) when chained with CVE-2026-48710, a Host header validation bypass in…
The FBI and partners disrupted a covert network of compromised TP-Link and MikroTik routers exploited by the Russian GRU (APT28) to steal Outlook credentials. This operation, known as Operation Masquerade, revealed that…
On June 17, 2026, F5 released emergency patches for two critical vulnerabilities in NGINX, CVE-2026-42530 and CVE-2026-42055. These vulnerabilities affect NGINX Open Source, NGINX Plus, and related products, allowing…
Silex Technology, Inc. has reported a critical heap-based buffer overflow vulnerability in its SD-330AC devices and AMC Manager software, identified as CVE-2026-32956. This vulnerability allows unauthenticated remote…
CVE-2026-48611 has been identified as a critical vulnerability due to improper authentication checks in OAuth implementations, allowing account hijacking even when OAuth is disabled. This flaw affects default…
Operation Escaneo is a coordinated cyberattack attributed to the MexicanMafia group, targeting critical infrastructure across Latin America, primarily Mexico. The campaign, which spanned from 2025 to 2026, utilized…
In February 2024, Change Healthcare suffered a ransomware attack attributed to the ALPHV group, impacting approximately 190 million individuals, making it the largest medical data breach in U.S. history. The attack…
A sophisticated cyber campaign has exploited a critical cPanel vulnerability (CVE-2026-41940) to breach government and military servers in Southeast Asia, particularly targeting Indonesia. The attackers utilized a…
A joint advisory from 21 global cybersecurity agencies warns that Russian state hackers from the FSB's Center 16 are exploiting poorly configured routers to infiltrate critical infrastructure networks worldwide. The…