SecPod Labs
Security Research
In-depth CVE write-ups, vulnerability analysis, and security intelligence from the SecPod Research team.
CVE Research
7,000 Servers and Counting: The Rise of the SSHStalker Linux Botnet
Cybercriminal groups and opportunistic botnet operators continue to shift toward scale-first, persistence-driven operations that rely heavily on misconfigurations, weak authentication, and long-tail vulnerabilities rather than sophisticated zero-days. Recent analyses by Flare and other cybersecurity...
CVE Research
Microsoft’s February 2026 Patch Tuesday: Six Zero-Days, 58 flaws Patched Amid Growing Exploit Activity
The second Tuesday of the month has arrived, bringing another significant wave of Microsoft security updates. In February 2026, Microsoft issued patches for 58 vulnerabilities, including six actively exploited zero-day flaws and five rated Critical.
CVE Research
Deep Dive: Inside the Warlock Ransomware Breach of SmarterTools
In a significant security incident, SmarterTools, the developer of the popular SmarterMail collaboration platform, fell victim to a ransomware attack orchestrated by the Warlock ransomware group. The breach was made possible by a critical vulnerability in SmarterTools’ own software, specifically an ...
CVE Research
Fancy Bear: Russia-Linked APT Exploits Microsoft Office Zero-Day
A targeted cyber-espionage campaign conducted by the Russia-linked advanced persistent threat (APT) group Fancy Bear (APT28) has been observed exploiting a recently patched Microsoft Office vulnerability to compromise government, diplomatic, and defense-aligned organizations across Eastern Europe an...
CVE Research
SolarWinds Implements Security Updates to Address Critical Web Help Desk Vulnerabilities
SolarWinds has released important security updates to address several critical vulnerabilities impacting its Web Help Desk (WHD) product. These issues include remote code execution (RCE) and authentication bypass flaws that put organizations at significant risk. Given WHD’s extensive use across ente...
CVE Research
From SSO to SOS: How CVE-2026-24858 Gave Hackers the Keys to Your Fortinet Gear
Fortinet has addressed a critical authentication bypass vulnerability, CVE-2026-24858, affecting FortiOS, FortiManager, FortiAnalyzer, FortiWeb and FortiProxy. The vulnerability, with a CVSS score of 9.4, is actively exploited in the wild, making it crucial for organizations to apply the necessary p...
CVE Research
Microsoft patches actively exploited Office zero-day vulnerability
In a swift response to escalating cyber threats, Microsoft has issued an emergency security update to remediate a high-severity zero-day vulnerability affecting several versions of Microsoft Office. Tracked as CVE-2026-21509, this security feature bypass flaw impacts Microsoft Office 2016, 2019, LTS...
CVE Research
Critical GNU InetUtils Telnetd Vulnerability Allows Authentication Bypass and Root Access
The discovery of CVE-2026-24061 exposes a long-standing critical weakness in the GNU InetUtils telnet daemon (telnetd). Exploitation of this vulnerability enables remote authentication bypass and full root compromise, putting legacy and misconfigured systems at severe risk. The flaw remained undetec...
CVE Research
Cisco Unified CM and Webex Security Alert: Active Zero-Day CVE-2026-20045 Fixed
Cisco has recently issued security updates to fix a critical vulnerability impacting several Unified Communications Manager (CM) products and Webex Calling Dedicated Instance. Tracked as CVE-2026-20045, the flaw has been actively exploited as a zero-day in real-world attacks, creating a serious risk...