12 – 18 Jan 2026 This week’s CVE of the Week is about the recent remote code execution vulnerability in Cisco’s Unified Communications (CM) products and Webex Calling Dedicated Instance, that has been actively exploited as a zero-day. This vulnerability is due to improper validation …
You can download this edition by clicking the three dots icon on the far right and selecting Download PDF File. For the best reading experience, we recommend enlarging it by clicking the fullscreen icon, which is the third icon from the right. All article titles …
12 – 18 Jan 2026 Our CVE of the Week series continues with an AI Agent vulnerability that affected ServiceNow, one of the most popular cloud-based platforms for IT and business process automation. The CVE-2025-12420 vulnerability, assigned with a CVSS 4.0 score of 9.3, allows …
5 – 11 Jan 2026 A new year, the same mission: raising awareness of critical vulnerabilities. Our CVE of the Week series continues in 2026 to help you stay ahead of emerging security risks. Let’s get started. Our first choice in 2026 is a vulnerability …
You can download this edition by clicking the three dots icon on the far right and selecting Download PDF File. For the best reading experience, we recommend enlarging it by clicking the fullscreen icon, which is the third icon from the right. All article titles …
In September 2024, I published an article on LinkedIn titled The Cost of Convenience: How Data Mismanagement and Ticket-Clipping Models are Failing Renters. It was written out of growing unease, not hindsight. At the time, the concern was simple but deeply uncomfortable: real estate agencies …
Over the past three days, a pattern has emerged that is difficult to dismiss as coincidence, mischief, or edge-case misuse. Investigations reported by reputable outlets, including The Guardian, reveal that Grok, an AI image generation tool, has been used to produce sexualised fake images of …
As modern software ecosystems become increasingly interconnected, software supply chain security has emerged as one of the most critical challenges in application security today. In this article, CyAN member Karthikeyan Ramdass examines why Software Supply Chain Failures, ranked as A03 in the OWASP Top 10:2025, …
As we begin 2026, we want to start by thanking everyone across the CyAN community for the trust, time, and energy you continue to invest in this network. We would also like to take a moment to spotlight the individuals who joined CyAN and our …
15 – 21 Dec 2025 As we reached the end of 2025 we have looked back to see the most impactful vulnerabilities of the year. Come and go through the TOP 10 CVEs of the year selected by our experts! A critical CVSS 9.1 flaw …