SecurityWeek

Hackers Targeting Cisco Unified CM Zero-Day

Cisco announced patches for CVE-2026-20045, a zero-day vulnerability in Unified CM that has been targeted by hackers.
Cyber Daily

Cisco addresses Unified Communications vulnerability as active exploitation underway

Remote code execution vulnerability CVE-2026-20045 considered Critical by vendor as US cyber agency adds vulnerability to KEV ...
Dark Reading

'Contagious Interview' Attack Now Delivers Backdoor Via VS Code

Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no ...

Cisco fixes Unified Communications RCE zero day exploited in attacks

Cisco has fixed a critical Unified Communications and Webex Calling remote code execution vulnerability, tracked as ...

Anthropic's official Git MCP server had some worrying security flaws - this is what happened next

Anthropic, the company behind the popular AI model Claude has fixed multiple bugs in its Git MCP server which, researchers ...

Jamf has a warning for macOS vibe coders

Just yesterday, we noted the growing threat of ransomware. Now, Jamf Threat Labs is warning that North Korean threat actors ...
The Hacker News

Zoom and GitLab Release Security Updates Fixing RCE, DoS, and 2FA Bypass Flaws

Zoom and GitLab have released security updates to resolve a number of security vulnerabilities that could result in denial-of ...
CSO Online

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...
WinBuzzer

Microsoft January 2026 Patch Tuesday Fixes Actively Exploited DWM Zero-day Alongside 111 Security Flaws

Microsoft has patched 112 vulnerabilities in January 2026, including CVE-2026-20805, a Desktop Window Manager zero-day that ...
SecurityWeek

Anthropic MCP Server Flaws Lead to Code Execution, Data Exposure

Vulnerabilities in Anthropic MCP server could be exploited via prompt injections to execute arbitrary code and read/delete ...
The Hacker News

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...

Anthropic’s official Git MCP server hit by chained flaws that enable file access and code execution

Anthropic’s official Git MCP server hit by chained flaws that enable file access and code execution - SiliconANGLE ...