The Forgotten Bug: How a Node.js Core Design Flaw Enables HTTP Request Splitting
Deep dive into a TOCTOU vulnerability in Node.js’s ClientRequest.path that bypasses CRLF validation and enables Header Injection and HTTP Request
Read More
Month: February 2026
900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks
The Shadowserver Foundation has revealed that over 900 Sangoma FreePBX instances still remain infected with web shells as part of
Read More
Microsoft HoloLens finds second home in the military after failing battlefield tests
Let’s hope air cargo checks don’t trigger the same headaches The US Army’s attempt to turn Microsoft HoloLens headsets into
Read More
Oak Ridge spawns institute to curb AI datacenter power surge
Lab aims to link power, cooling, and workload management to ease strain on the US grid Oak Ridge National Laboratory
Read More
Europol-led crackdown on The Com hackers leads to 30 arrests
A yearlong Europol-coordinated operation dubbed “Project Compass” has led to 30 arrests and 179 suspects being tied to “The Com,”
Read More
Amazon’s Fire TV Stick 4K Plus gets a better interface and a 40 percent discount
When Amazon first showed off its redesigned Fire TV OS at CES, we were impressed. It’s faster, better organized, and
Read More
FedEx promises to refund customers for ‘illegal’ tariffs
FedEx plans to pass along any refunds resulting from the Supreme Court’s ruling that some of President Donald Trump’s tariffs
Read More
CVE-2026-25147 | OpenEMR up to 7.x portal_payment.php pid authorization
A vulnerability was found in OpenEMR up to 7.x and classified as critical. This impacts an unknown function of the
Read More
CVE-2026-2751 | Centreon Web on Central Server up to 25.10.7/24.10.19/24.04.23 Service Dependencies sql injection
A vulnerability was found in Centreon Web on Central Server up to 25.10.7/24.10.19/24.04.23. It has been classified as critical. Affected
Read More
CVE-2026-24488 | OpenEMR up to 8.0.0 Fax Sending Endpoint path traversal
A vulnerability was found in OpenEMR up to 8.0.0. It has been declared as critical. Affected by this vulnerability is
Read More