
The Security Brief


Cisco's Maximum-Severity SD-WAN Flaw Is Under Active Attack
Cisco has patched a flaw in its Catalyst SD-WAN Controller that carries the worst score the CVSS scale can give: a clean 10.0. Tracked as CVE-2026-20182, it lets an unauthenticated attacker bypass authentication entirely and take administrative control of the device. Cisco confirmed the flaw was already being exploited before the fix was available.

What Happened

The vulnerability sits in the peering authentication mechanism of Cisco Catalyst SD-WAN Controller (formerly vSmart
15 hours ago · 3 min read


One Git Push, Full Server Compromise: Inside GitHub Enterprise's CVE-2026-3854
A single git push was all it took. On 28 April, GitHub publicly disclosed CVE-2026-3854, a CVSS 8.7 remote code execution flaw in GitHub Enterprise Server that any authenticated user with push access could trigger. The fix shipped fast. The lesson for self-hosted code platforms is harder to patch.

What Happened

Wiz Research found the bug on 4 March 2026 and reported it to GitHub the same day. GitHub deployed a fix to GitHub.com within hours and released patches for GitHub Ent
May 1 · 3 min read


Windows Defender Under Fire: Three Zero-Days in Thirteen Days
One researcher. Three Windows Defender zero-days. Thirteen days. That cadence has left most corporate Windows estates carrying at least one unpatched privilege escalation bug this week, with CISA ordering federal agencies to fix the first of them by 6 May.

What Happened

On 7 April, a proof-of-concept exploit named BlueHammer (CVE-2026-33825) was published, showing how an unprivileged local user could gain SYSTEM access on fully patched Windows 10 and Windows 11 machines. The
Apr 27 · 3 min read


Microsoft's April 2026 Patch Tuesday: 163 Vulnerabilities, Two Zero-Days, and Why Your Organisation Cannot Afford to Wait
Microsoft's April 2026 Patch Tuesday has landed with a staggering 163 security fixes — the second-largest patch release in the company's history. Among them are two zero-day vulnerabilities, one already being actively exploited in the wild, and eight critical flaws that could allow remote code execution across enterprise infrastructure. For Australian organisations running Microsoft environments, this is not a routine update cycle — it demands immediate attention. What Happen
Apr 17 · 3 min read


Docker's Billion-Dollar Oversight: CVE-2026-34040 Lets Attackers Slip Past Authorisation Plugins
A newly disclosed vulnerability in Docker Engine has once again shown how a single overlooked edge case can unravel an entire security control. CVE-2026-34040, rated 8.8 on the CVSS scale, allows attackers to bypass authorisation plugins with nothing more than a padded HTTP request. For any organisation running containers in production — which today means most of them — the implications are serious and immediate.

What Happened

Researchers at Cyera discovered that Docker's mid
Apr 10 · 3 min read