- AI/ML Pipeline Exploitation
- CVE-2026-22218 - Arbitrary File Copy
- Fortinet CVE-2024-23113 Actively Exploited
- Nuclei Templates for GCP & Alibaba Cloud Misconfigurations
- Nuclei Templates Labs for Hands-on Testing
AI/ML Pipeline Exploitation
WhatAttackers target vulnerabilities in machine learning systems, including poisoning training data and adversarial attacks against deployed models.
Sourcecycode.com
Applies toanthropic-project-injection-report
Why it mattersThis confirms the broader threat landscape for AI systems, where model trust and input integrity are critical attack surfaces.
CVE-2026-22218 - Arbitrary File Copy
WhatA vulnerability allows attackers to copy arbitrary server files into their session, potentially leaking sensitive data like API keys.
Sourcewww.sysdig.com
Applies toGeneral
Why it mattersFile read vulnerabilities are a primary method for escalating access and pivoting within a compromised environment.
Fortinet CVE-2024-23113 Actively Exploited
WhatA critical Fortinet vulnerability (CVE-2024-23113) is actively being exploited in the wild and has been added to CISA's Known Exploited Vulnerabilities catalog.
Sourcewww.quorumcyber.com
Applies toGeneral
Why it mattersThis highlights a current, weaponized vulnerability in common enterprise networking hardware that could serve as an initial access vector.
Nuclei Templates for GCP & Alibaba Cloud Misconfigurations
WhatProjectDiscovery released new Nuclei templates (v10.2.0, v10.1.1) for detecting security misconfigurations in Google Cloud Platform and Alibaba Cloud environments.
Sourceprojectdiscovery.io
Applies toGeneral
Why it mattersPre-built detection templates allow for rapid, automated scanning of cloud assets for common insecure configurations.
Nuclei Templates Labs for Hands-on Testing
WhatProjectDiscovery created "Nuclei Templates Labs," a collection of vulnerable environments with ready-to-use detection templates for safe security testing and learning.
Sourceprojectdiscovery.io
Applies toGeneral
Why it mattersThis provides a controlled, legal environment to practice vulnerability detection and understand exploit chains relevant to real-world assessments.
Is your WordPress site exposed to threats like these?
Arc is an AI security agent that watches your site 24/7 and patches vulnerabilities before attackers find them.
Scan your site free →