Critical CVE-2026-2329 flaw in Grandstream GXP1600 VoIP phones enables unauthenticated RCE, call interception, and credential ...

The malware can remain undetected on a system until a threat actor initiates a connection with the compromised device, a CISA ...

A critical vulnerability affecting Grandstream’s GXP1600 series phones could allow threat actors to intercept calls.

Cisa has added six CVEs to its Kev catalogue this week, including newly-disclosed issues in Google Chromium and Dell ...

The title of the post is”What AI Security Research Looks Like When It Works,” and I agree: In the latest OpenSSL security release> on January 27, 2026, twelve new zero-day vulnerabilities (meaning ...

A critical vulnerability in Grandstream GXP1600 series VoIP phones allows a remote, unauthenticated attacker to gain root privileges and silently eavesdrop on communications.

ThreatsDay Bulletin tracks active exploits, phishing waves, AI risks, major flaws, and cybercrime crackdowns shaping this ...

CVE-2026-2329 allows unauthenticated root-level access to SMB phones, so attackers can intercept calls, commit toll fraud, and impersonate users.

AISLE AI toolset exposed OpenSSL vulnerabilities stretching back to the earliest HTTPS era Even heavily audited security code can hide serious flaws for decades Crashes and memory corruption remain ...

AISLE AI toolset exposed OpenSSL vulnerabilities stretching back to the earliest HTTPS era Even heavily audited security code can hide serious flaws for decades Crashes and memory corruption remain ...

The Windows NuGet packages (librdkafka.redist) currently bundle OpenSSL 3.3.2. This version is affected by CVE-2025-15467, a Critical (CVSS 9.8) stack buffer overflow in OpenSSL's CMS parsing. The fix ...