Add your product or open-source project on TechLogHub
Listing is free. Sponsored featured placements are paid and priced in USD — open the pricing dialog to see plan details.
Products
Discover amazing products built by our community
Open Source ProjectsNEW
Curating the best open-source projects shaping the future
Latest from the Blog
Analysis, product insight, and practical reads for builders
Cisco warns of unpatched SD-WAN zero-day exploited in attacks (CVE-2026-20245)
Cisco warns of a high-severity, unpatched zero-day in Catalyst SD-WAN Manager (CVE-2026-20245) that is actively exploited to escalate privileges to root across all deployment types. Exploitation requires netadmin privileges—typically via valid credentials or by chaining with CVE-2026-20182 or CVE-2026-20127—and can be triggered by uploading a crafted file. There is no patch yet; admins should upgrade to the fixed release for CVE-2026-20182 (May 14) and monitor /var/log/scripts.log for IOCs, contacting Cisco TAC if a compromise is suspected. Cisco notes this follows a pattern of previously exploited SD-WAN vulnerabilities.
Credit card theft campaign abuses Stripe to host stolen payment info
Security researchers have uncovered a Magecart campaign that abuses Stripe's API and Google Tag Manager to host and exfiltrate stolen payment data from checkout pages. The attacker loads malicious code via GTM, captures card details (number, expiry, CVV), and stores them as fake Stripe customer records, with data exfiltration occurring on page load and at intervals before the local copy is wiped. A Firestore-based variant was also observed. The operation appears active since December 24, 2025, and targets Magento/Adobe Commerce checkout flows. Advice: use one-time virtual cards with strict limits and audit GTM/Stripe integrations for tampering.
DentaQuest Data Breach Exposes 2.6 Million Accounts
DentaQuest, one of the largest U.S. dental benefits administrators, confirmed a cybersecurity incident exposing data from 2.6 million accounts. The breach, linked to the ShinyHunters gang, leaked about 234 GB of information including email addresses, full names, phone numbers, government IDs, health-insurance data, genders, and dates of birth. DentaQuest reports limited disruption to its networks and has engaged external security experts as Have I Been Pwned validates the leak; recipients are urged to watch for phishing and social-engineering attempts as the investigation continues.
UN food agency discloses breach affecting 600,000 Gaza households
The United Nations’ World Food Programme disclosed a cyberattack on its Gaza self-registration platform, potentially exposing the personal data of about 600,000 Palestinian households, including names, IDs, phone numbers, and registration locations. The platform is temporarily suspended as security measures are strengthened; beneficiaries are advised to ignore suspicious requests, and aid distribution continues while the investigation proceeds.