News Archives

Stay tuned with SecureLayer7 Announcements

April 8, 2026

Published by Rajesh N at April 8, 2026

Data Poisoning: Attacks, Risks, and Prevention

Data poisoning has become the foundation of modern digital systems, powering analytics platforms, machine learning models, and AI-driven decision-making across industries. As organizations increasingly depend on […]

April 1, 2026

Published by SecureLayer7 Lab at April 1, 2026

Axios NPM Supply Chain Attack: Malicious Update Enables Remote Access

Executive Summary: On March 31, 2026, a widely used JavaScript library, Axios, was compromised through a hijacked maintainer account. This incident highlights how modern supply chain […]

March 31, 2026

Published by SecureLayer7 Lab at March 31, 2026

CVE-2025-59489: Unity Hub macOS DyLib Injection – TCC Bypass

macOS employs a layered security model to protect user privacy. At the heart of this model is Transparency, Consent, and Control (TCC) — the framework responsible […]

March 27, 2026

Published by Vikas Kumar at March 27, 2026

PyPl litellm Supply Chain Attack: How It Works And Prevention

A widely used Python package, litellm, was compromised through malicious PyPI versions 1.82.7 and 1.82.8. This incident has raised serious concerns among security professionals worldwide. Initially, […]

March 26, 2026

Published by SecureLayer7 Lab at March 26, 2026

CVE-2024-54676 — Apache OpenMeetings OpenJPA Deserialization RCE

CVE-2024-54676 is a critical (CVSS 9.8) Java deserialization vulnerability affecting Apache OpenMeetings versions prior to 8.0.0. This vulnerability allows an unauthenticated attacker to achieve Remote Code […]

March 23, 2026

Published by SecureLayer7 Lab at March 23, 2026

RegPwn (CVE-2026-24291): Windows Registry Vulnerability Explained

RegPwn (CVE-2026-24291) is a critical Windows Registry vulnerability that exposes enterprise systems to privilege escalation and potential system compromise. This flaw targets how Windows handles registry […]

March 19, 2026

Published by SecureLayer7 Lab at March 19, 2026

CVE-2026-22729: JSONPath Injection in Spring AI’s PgVectorStore

Contributors: Sandeep Kamble, BugDazz Autonomous Pentest AI, Rabit0 ModelPublication Date: March 19, 2026Severity Rating: High (CVSS Score: 8.6)Vulnerability Status: Zero-day at time of discovery While auditing the MariaDB vector store […]

March 19, 2026

Published by Rajesh N at March 19, 2026

Denial of Service (DoS) Attack: Types, Impact, and Prevention

Denial of Service (DoS) attacks are among the most disruptive cybersecurity threats, designed to overwhelm systems, networks, or applications and make them unavailable to legitimate users. […]

March 19, 2026

Published by SecureLayer7 Lab at March 19, 2026

CVE-2026-22730: SQL Injection in Spring AI’s MariaDB Vector Store

Contributors: Sandeep Kamble, BugDazz Autonomous Pentest AI, Rabit0 ModelPublication Date: March 19, 2026Severity Rating: High (CVSS Score: 8.8)Vulnerability Status: Zero-day at time of discovery A financial services firm was […]