Skip to content
SecForge
News archive

Cybersecurity intelligence, curated and contextual.

In-depth analysis, threat research and industry perspective to help you stay ahead of what's next — new CVEs, model releases and attack patterns, without the breathless coverage.

Latest from the wire · auto-updated

Fresh headlines auto-curated from leading cybersecurity sources appear here — each one reviewed before publishing.

4 results
Jul 2, 20266 min read

A perfect 10.0 in SimpleHelp puts MSPs back in the supply-chain blast radius

CVE-2026-48558 scores maximum CVSS severity in SimpleHelp, an RMM tool widely used by managed service providers; exploitation is tracked via the "TaskWeaver" loader. One vulnerable MSP endpoint can fan out into every client network that MSP touches — if you outsource IT, this is the week to ask your provider directly.

Supply chain RMMMSP
SecForge
Editorial desk
Source →
Jul 1, 20267 min read

JetBrains patches auth bypass and RCE across Hub, YouTrack, IntelliJ and more

A cluster of critical flaws across JetBrains' on-prem tools chains into auth bypass, account takeover and RCE — the sharpest a CVSS 9.8 from predictable account-restore codes. An IDE runs with your privileges: patch before opening untrusted repositories in any JetBrains product.

Vulnerabilities Auth bypassDev tooling
SecForge
Editorial desk
Source →