Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CVE-2026-46817: Oracle EBS Payments Vulnerability Under Active Exploitation

Oracle E-Business Suite (EBS) sits at the center of finance, procurement, and payment operations for many large enterprises. When a critical vulnerability surfaces in a module like Oracle Payments, the impact reaches well past IT. It touches financial data, transaction integrity, and regulatory exposure. CVE-2026-46817 is exactly that kind of vulnerability, and it is now being actively exploited.

CVE-2026-33017: Langflow RCE Deploys Monero Miners on AI Servers

Enterprises are standing up AI application frameworks like Langflow faster than security teams can review them. These platforms let teams build and automate generative AI workflows in days instead of months, but that speed comes with a cost: many instances go live with default settings, get exposed to the internet, and never make it onto a security team’s radar. CVE-2026-33017 shows exactly what happens next.

CVE-2026-42271: Unauthenticated RCE in LiteLLM AI Gateway

LiteLLM, a widely deployed open-source AI gateway, is affected by a critical exploit chain that allows unauthenticated attackers to execute arbitrary commands on vulnerable hosts. CISA added CVE-2026-42271 to its Known Exploited Vulnerabilities (KEV) catalog on June 9, 2026, confirming active exploitation in the wild. The Qilin ransomware group has been linked to exploitation activity. What makes this especially dangerous is the chain: CVE-2026-42271 on its own required a valid API key.

CVE-2026-35273: Active Exploitation of Oracle PeopleSoft Zero-Day Vulnerability

Oracle has disclosed CVE-2026-35273, a critical vulnerability in PeopleSoft Enterprise PeopleTools that has already been exploited by threat actors. The vulnerability allows unauthenticated attackers to remotely compromise vulnerable systems and potentially achieve remote code execution, putting exposed PeopleSoft environments at immediate risk. What makes this vulnerability especially concerning is that attackers exploited it as a zero-day before Oracle released a patch.

CERT-In's 12-Hour Patch Mandate: Is Your Organisation Ready to Respond at AI Speed?

CERT-In just published a risk-based remediation framework that resets expectations for every organisation operating in India. The timelines are worth reading twice: Now consider one question: if a known exploited vulnerability appeared on your internet-facing application at 11pm tonight, what would your team do in the next 12 hours?

CVE-2026-45247: Critical RCE Vulnerability in Mirasvit Cache Warmer

Magento and Adobe Commerce environments often rely on third-party extensions to extend functionality and improve performance. However, these extensions can also introduce security risks that exist outside the core platform. CVE-2026-45247 is a recent example of how vulnerabilities in third-party Magento extensions can create severe security risks.

17 Best Cloud WAAP & WAF Software in 2026

A web application firewall is a security software that observes and filters HTTP/HTTPS traffic between a web application and the internet. While this has been available for decades, with the evolution of the threat landscape, WAFs have also added additional capabilities to protect not only web apps but also APIs against a range of attacks, including DDoS and bot attacks. So, the category has evolved and is currently called Web Application and API Protection (WAAP).

6 WAAP Features Every Bank and Financial Institution Needs in 2026

Banking & Financial Services (BFS) firms are shouldering a uniquely heavy share of the global threat load. The newly released Indusface State of Application Security 2026 study paints a stark picture: Why the laser focuses on finance? Strict regulations mean banks generally run strong perimeters, so adversaries pivot to bots, API abuse, and nuanced business-logic exploits that slip past ‘default’ defenses.

NGINX Under Active Attack: CVE-2026-42945 and CVE-2026-9256 Put Your Infrastructure at Risk

NGINX administrators are facing back-to-back emergency patch cycles. Within days of each other, two critical heap buffer overflow vulnerabilities were disclosed in the same NGINX component, both capable of crashing worker processes and enabling remote code execution on systems without ASLR. If your organization runs NGINX in any capacity, these need immediate attention.

CVE-2026-9082: Critical Drupal SQL Injection Vulnerability Affects PostgreSQL Deployments

A highly critical SQL injection vulnerability in Drupal core has raised concerns across organizations running PostgreSQL-backed Drupal environments. Tracked as CVE-2026-9082, the vulnerability affects Drupal’s database abstraction layer and can be exploited remotely without authentication. The vulnerability was disclosed through Drupal security advisory SA-CORE-2026-004 on May 20, 2026. CVE-2026-9082 is now under active exploitation.