Mastodawn

🔴 Adobe Acrobat/Reader zero-day CVE-2026-34621 has been exploited since Dec. Patch now.
🔴 Marimo CVE-2026-39987 is under active pre-auth RCE exploitation, with .env and cloud creds targeted.
🟡 CISA added 7 new KEVs, a strong patch-priority signal. solomonneas.dev/intel #cybersecurity #infosec #threatintel #vulnmgmt

TechNadu Apr 9

CISA adds CVE-2026-1340 (Ivanti EPMM) to KEV ⚠️

Active exploitation confirmed
Known vulns = real attack surface
Are KEVs in your patch priority?

Source: https://www.cisa.gov/news-events/alerts/2026/04/08/cisa-adds-one-known-exploited-vulnerability-catalog

💬 Engage
🔔 Follow TechNadu

#InfoSec #KEV #CISA #VulnMgmt

Solomon Apr 9

🔴 Adobe Reader zero-day exploited via malicious PDFs since Dec.
🔴 Ivanti EPMM CVE-2026-1340 added to KEV after active RCE exploitation.
🟡 APT28 hijacked router DNS on 18,000+ devices to steal Microsoft 365 tokens.
solomonneas.dev/intel
#CyberSecurity #ThreatIntel #VulnMgmt #Infosec

Solomon Apr 8

🔴 Ninja Forms CVE-2026-0740 is actively exploited, enabling unauthenticated upload and potential site takeover. Patch immediately. 🟡 Docker CVE-2026-34040 can bypass AuthZ checks and enable privileged host access. 🟡 North Korea linked actors pushed 1,700+ malicious OSS packages across npm, PyPI, Go, and Rust. solomonneas.dev/intel #CyberSecurity #ThreatIntel #VulnMgmt #AppSec

Solomon Apr 5

Today's cyber triage:

🔴 Cisco patched two 9.8 bugs in IMC and SSM On-Prem. Patch now.
🔴 ShareFile bug chain opens unauthenticated RCE on internet-facing Storage Zones.
🔴 Axios npm releases were hijacked after maintainer compromise. Check 1.14.1 and 0.30.4.

#CyberSecurity #ThreatIntel #AppSec #VulnMgmt
solomonneas.dev/intel

TechNadu Mar 19

CISA adds Zimbra XSS (CVE-2025-66376) to KEV.
Actively exploited.
Patch immediately.

Source: https://www.cisa.gov/news-events/alerts/2026/03/18/cisa-adds-one-known-exploited-vulnerability-catalog

Follow TechNadu.

#InfoSec #VulnMgmt

OffSequence Feb 11

Microsoft Patch Tuesday (Feb 2026): 59 flaws patched, 6 exploited in the wild (inc. Windows Shell, IE engine, Word, RDP, Azure). 5 CRITICAL. Patch ASAP to block RCE, priv esc & security bypasses. https://radar.offseq.com/threat/microsoft-patch-tuesday-january-2026-tue-feb-10th-86635a1f #OffSeq #Microsoft #VulnMgmt #PatchTuesday

Jerry Gamblin Dec 5

London bound next week (Dec 7–15)! 🇬🇧

I’ll be at #BlackHatEU giving my talk on the "Post-NVD Era" (Thurs Dec 11 @ 2:30 PM) and then hitting up #BSidesLDN for the weekend.

#Infosec #VulnMgmt #CVE

OffSequence Nov 12

🚨 Microsoft’s Nov 2025 Patch Tuesday: 80 vulns, 5 CRITICAL. Actively exploited Windows Kernel (CVE-2025-62215) enables privilege escalation. GDI+, DirectX, Office also impacted. Prioritize patching & enhance monitoring! https://radar.offseq.com/threat/microsoft-patch-tuesday-for-november-2025-tue-nov--3fb8b7ea #OffSeq #Microsoft #PatchTuesday #VulnMgmt

OffSequence Oct 23

⚠️ HIGH-severity operational risk: the remediation gap in multi-tool cloud environments delays fixing critical vulnerabilities. Solutions like Pentera Resolve automate and unify workflows, reducing exposure and ensuring compliance. More info: https://radar.offseq.com/threat/bridging-the-remediation-gap-introducing-pentera-r-0c2edfa6 #OffSeq #VulnMgmt #CloudSec