CISA KEV

8 articles

CVE, AI, remediation, infrastructure, CISA KEV

CVE-2026-42208: Your AI Gateway Has a SQL Injection. On the Auth Path.

LiteLLM, the proxy that manages your AI API keys, has a pre-auth SQL injection. CVSS 9.8. On CISA KEV. Exploited 36 hours after disclosure. Every API key it stores is compromised.

May 31, 2026

CVE, Palo Alto, VPN, CISA KEV

CVE-2026-0257: Palo Alto GlobalProtect Auth Bypass Now on CISA's Hit List

CISA just added this Palo Alto GlobalProtect vulnerability to the Known Exploited Vulnerabilities catalog. If your VPN runs on PAN-OS, your remote workers might not be the only ones connecting.

May 28, 2026

CVE, web security, remediation, small business, CISA KEV, Drupal

CVE-2026-9082: If Your Website Runs Drupal on PostgreSQL, It's Leaking Data

Anonymous SQL injection in Drupal core. No login required. On CISA KEV. Mass scanning started within days. If you run Drupal on PostgreSQL, patch right now or take it offline.

May 21, 2026

CVE, web security, small business, CISA KEV

Your Next.js Auth Middleware Was Decorative This Whole Time

Set one HTTP header and skip all middleware. Authentication, authorization, rate limiting, all of it. CVE-2025-29927. Confirmed exploitation in the wild. If you run Next.js, update now.

May 20, 2026

CVE, Microsoft, Exchange, zero-day, CISA KEV

CVE-2026-42897: Microsoft Exchange Zero-Day Is Being Exploited Right Now

A crafted email is all it takes. Open it in Outlook Web Access and an attacker runs JavaScript in your browser. No patch yet. Here's what to do if you run Exchange on-prem.

May 15, 2026

CVE, infrastructure, remediation, CISA KEV

Dirty Frag: The Second Linux Root Exploit in Two Weeks

Two new kernel vulnerabilities chain together for race-free root on every major distro. Exploited within 24 hours of disclosure. Same primitive class as Dirty Pipe and CopyFail. Patch your servers.

May 8, 2026

CVE, infrastructure, remediation, CISA KEV

CVE-2026-31431: 732 Bytes Gets You Root on Every Linux Distro

A 9-year-old kernel bug. 732-byte exploit. Works identically on Ubuntu, RHEL, Debian, Fedora, Amazon Linux. No race condition needed. On CISA KEV. Patch your servers.

May 1, 2026

CVE, zero-day, infrastructure, CISA KEV

Ivanti Zero-Days Breached Four Governments Before Anyone Got a Patch

The Dutch data authority. The European Commission. Finland. The Council for the Judiciary. All breached through Ivanti EPMM zero-days. CVSS 9.8. If you manage mobile devices with Ivanti, check your version now.

Feb 3, 2026