Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1941+ Articles
150+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
All tags
45 articles

#Network Security

All CosmicBytez Labs articles tagged #Network Security, across news, security advisories, how-to guides, and projects.

  • NewsJul 17, 2026

    Inc Ransomware Exploits Chained SonicWall SMA Zero-Days for Root Access

    The Inc ransomware group is actively exploiting two chained zero-day vulnerabilities in SonicWall Secure Mobile Access appliances. When combined, the flaws allow unauthenticated attackers to gain root-level control over SMA devices.

  • SecurityJul 16, 2026

    CVE-2026-51380: Tenda AC10 v3 Buffer Overflow Enables DoS and Remote Code Execution

    A critical CVSS 9.8 buffer overflow vulnerability in Tenda AC10 v3 firmware V03.03.16.09 allows remote attackers to cause permanent denial of service or execute arbitrary code via the /cgi-bin/UploadCfg endpoint.

  • NewsJul 15, 2026

    SonicWall Warns of Two Zero-Day Exploits Targeting SMA1000 — Patch Immediately

    SonicWall has issued an urgent advisory warning of two zero-day vulnerabilities in its SMA1000 appliances — CVE-2026-15409 and CVE-2026-15410 — that can be chained for unauthenticated remote code execution. Patches are available now.

  • NewsJul 14, 2026

    SonicWall Warns of SMA1000 Flaws Exploited in Zero-Day Attacks, Patch Now

    SonicWall has issued an urgent advisory warning that two vulnerabilities in its SMA 1000 series secure remote access appliances are being actively exploited in chained zero-day attacks. CVE-2026-15409 (SSRF, CVSS 10.0) and CVE-2026-15410 (OS command injection) are combined to achieve full remote compromise. Patches are available; CISA has set a July 17 federal deadline.

  • NewsJul 8, 2026

    China-Linked UAT-7810 Expands ORB Network With New LONGLEASH Malware

    Cisco Talos researchers have identified new LONGLEASH malware deployed by Chinese APT group UAT-7810 to expand its Operational Relay Box network,...

  • SecurityJul 3, 2026

    UniFi Connect Critical RCE via Command Injection CVE-2026-50746

    A maximum-severity command injection vulnerability in Ubiquiti's UniFi Connect Application allows any network-accessible attacker to execute arbitrary OS...

  • NewsJun 28, 2026

    Hackers Exploit Cisco SD-WAN Zero-Day for Root Access at Telecom Provider

    Mandiant has detailed an incident in which threat actors exploited a Cisco SD-WAN zero-day vulnerability to gain the highest possible access level at a...

  • HOWTOJun 22, 2026

    Deploy OpenCanary to Catch Attackers Inside Your Network

    Set up OpenCanary honeypot services on a Raspberry Pi or VM to detect lateral movement, credential stuffing, and unauthorized access before attackers...

  • SecurityJun 12, 2026

    CVE-2026-47369: UniFi OS Privilege Escalation via Improper Input Validation

    A critical CVSS 9.9 privilege escalation vulnerability in Ubiquiti UniFi OS allows a low-privileged network attacker to escalate privileges within UniFi...

  • SecurityJun 12, 2026

    CVE-2026-47370: UniFi OS Command Injection via Improper Input Validation

    A critical CVSS 9.9 command injection vulnerability in Ubiquiti UniFi OS allows a low-privileged network attacker to execute arbitrary commands within...

  • NewsJun 10, 2026

    Cisco Customers Encounter Another SD-WAN Zero-Day Under Attack

    A seventh actively exploited zero-day in Cisco SD-WAN products this year — CVE-2026-20245 — is under attack with no patch yet available from Cisco.

  • NewsJun 6, 2026

    Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available

    Cisco has disclosed active exploitation of CVE-2026-20245, a high-severity vulnerability in Catalyst SD-WAN Manager with a CVSS score of 7.8. No patch is…

  • NewsJun 5, 2026

    Cisco Warns of Unpatched SD-WAN Zero-Day Exploited in Attacks

    Cisco has issued an emergency warning about an actively exploited, unpatched zero-day in Cisco Catalyst SD-WAN Manager (CVE-2026-20245) that enables root…

  • SecurityJun 5, 2026

    CVE-2026-35906: T3 Technology CPE Unauthenticated Root RCE via Debug CGI

    An undocumented debug CGI endpoint in T3 Technology CPE devices (T625Pro v1.0.07, T6825G v1.0.03) allows unauthenticated remote attackers to execute arbitrary…

  • SecurityJun 5, 2026

    CVE-2026-6274: Critical Authentication Bypass in DTS Redline WR3200 Router

    A critical authentication bypass vulnerability in the DTS Electronics Redline WR3200 router allows unauthenticated attackers to access functionality protected…

  • SecurityJun 4, 2026

    CVE-2026-49186: Critical MQTT Broker Wildcard ACL Bypass

    A critical CVSS 9.8 vulnerability in a local MQTT broker fails to enforce topic-level ACLs, allowing any client to use wildcard characters to enumerate hidden…

  • NewsJun 2, 2026

    Critical Vulnerability in HP VoIP Phones Enables Enterprise Network Breaches

    A stack-based buffer overflow flaw in HP OfficeConnect VoIP phones can be exploited remotely to achieve code execution, potentially allowing attackers to…

  • NewsMay 23, 2026

    Ubiquiti Patches Three Max-Severity UniFi OS Vulnerabilities

    Ubiquiti has released security updates fixing three CVSS 10.0 vulnerabilities in UniFi OS that allow unauthenticated remote attackers to fully compromise...

  • NewsMay 23, 2026

    'Underminr' Vulnerability Lets Attackers Hide Malicious

    A newly disclosed vulnerability dubbed 'Underminr' affects approximately 88 million domains and enables attackers to bypass DNS filtering tools while...

  • SecurityMay 22, 2026

    UniFi OS Command Injection via Improper Input Validation

    A CVSS 9.1 command injection vulnerability in UniFi OS devices allows a network-adjacent attacker with high privileges to execute arbitrary commands on...

  • SecurityMay 22, 2026

    UniFi OS Improper Access Control — Unauthorized System

    A CVSS 10.0 improper access control flaw in UniFi OS allows any network-accessible attacker to make unauthorized changes to the underlying system with no...

  • SecurityMay 22, 2026

    CVE-2026-34909 — UniFi OS Path Traversal Leading to Account

    A CVSS 10.0 path traversal vulnerability in UniFi OS allows an unauthenticated network attacker to read arbitrary files, including sensitive account files...

  • SecurityMay 22, 2026

    CVE-2026-34910 — UniFi OS Unauthenticated Command Injection

    A CVSS 10.0 command injection vulnerability in UniFi OS allows any network-accessible attacker with no credentials to execute arbitrary OS commands,...

  • NewsMay 20, 2026

    Hackers Bypass SonicWall VPN MFA Due to Incomplete Patching

    Threat actors brute-forced credentials and bypassed multi-factor authentication on SonicWall Gen6 SSL-VPN appliances to deploy ransomware tools,...

  • ProjectMay 20, 2026

    Pi-hole v6 + Unbound: Network-Wide DNS Sinkhole with Recursive Resolution

    Deploy Pi-hole v6 as a network-wide DNS sinkhole backed by Unbound as a self-hosted recursive resolver — eliminating ads, trackers, and malware domains...

  • NewsMay 17, 2026

    Cisco Catalyst SD-WAN Controller Auth Bypass Actively

    Cisco has patched a maximum-severity authentication bypass flaw in its Catalyst SD-WAN Controller that has already been exploited in limited attacks....

  • NewsMay 16, 2026

    Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited

    Cisco has patched CVE-2026-20182, a zero-day in Catalyst SD-WAN Manager that has been actively exploited in targeted attacks by sophisticated threat actor...

  • NewsMay 16, 2026

    Cisco Zero-Day Under Ongoing Attack by Persistent Threat

    The threat group UAT-8616 is actively exploiting a new Cisco SD-WAN zero-day and has been linked to multiple prior Cisco firewall and SD-WAN vulnerability...

  • NewsMay 12, 2026

    Fortinet Warns of Critical RCE Flaws in FortiSandbox and FortiAuthenticator

    Fortinet has released emergency security patches for two critical vulnerabilities in FortiSandbox and FortiAuthenticator that could enable attackers to...

  • SecurityApr 28, 2026

    CVE-2026-7154: Totolink A8000RU OS Command Injection via CGI Handler

    A critical unauthenticated OS command injection vulnerability in the Totolink A8000RU router firmware 7.1cu.643_b20200521 allows remote attackers to...

  • HOWTOApr 6, 2026

    Network Traffic Analysis with Zeek: From Deployment to Threat Detection

    Deploy Zeek (formerly Bro) on Linux to passively monitor network traffic, generate structured logs, write detection scripts, and forward data to your SIEM...

  • HOWTOMar 30, 2026

    Suricata IDS/IPS Deployment: From Install to Active Threat

    Deploy Suricata as a full-featured Network Intrusion Detection and Prevention System on Ubuntu. Covers installation, interface capture, Emerging Threats...

  • NewsMar 28, 2026

    Citrix NetScaler CVE-2026-3055 (CVSS 9.3) Under Active

    Security researchers at Defused Cyber and watchTowr have detected active reconnaissance targeting CVE-2026-3055, a critical CVSS 9.3 memory overread flaw...

  • SecurityMar 27, 2026

    CVE-2025-53521: F5 BIG-IP APM Remote Code Execution — CISA

    A critical unauthenticated RCE vulnerability in F5 BIG-IP APM is being actively exploited in the wild. Malicious traffic targeting access policy virtual...

  • NewsMar 18, 2026

    Critical Unpatched GNU Telnetd Flaw (CVE-2026-32746)

    Researchers have disclosed a critical unauthenticated remote code execution vulnerability in the GNU InetUtils telnet daemon (telnetd). CVE-2026-32746...

  • ChecklistMar 11, 2026

    Network Security Audit Checklist

    Systematic audit checklist for network infrastructure security — firewall rules, segmentation, VPN configuration, DNS security, wireless security, and...

  • SecurityMar 4, 2026

    CISA Issues Emergency Directive as Cisco SD-WAN Zero-Day

    A maximum-severity authentication bypass in Cisco Catalyst SD-WAN (CVE-2026-20127, CVSS 10.0) has been actively exploited by threat actor UAT-8616 since...

  • HOWTOFeb 23, 2026

    FortiGate Security Hardening: Best Practices for Enterprise

    Complete FortiGate hardening guide covering admin access lockdown, firmware management, interface hardening, DNS/NTP security, certificate management,...

  • HOWTOFeb 3, 2026

    FortiGate IPsec VPN: Site-to-Site with Azure

    Configure IPsec site-to-site VPN between FortiGate firewall and Azure VPN Gateway. Covers IKE configuration, routing, BGP, and high availability.

  • HOWTOFeb 3, 2026

    FortiGate SSL VPN Setup: Secure Remote Access Configuration

    Configure FortiGate SSL VPN for secure remote user access. Covers portal setup, user authentication, firewall policies, and FortiClient configuration.

  • HOWTOFeb 3, 2026

    Kubernetes Network Policies: Microsegmentation Guide

    Implement network microsegmentation in Kubernetes with Network Policies. Covers default deny, allow rules, namespace isolation, egress policies, and debugging.

  • ProjectFeb 3, 2026

    FortiGate SD-WAN Deployment

    Deploy enterprise SD-WAN with FortiGate featuring dual ISP failover, performance SLAs, application steering, and Zero Trust architecture integration.

  • ProjectFeb 3, 2026

    Network Traffic Analysis with Zeek and Suricata

    Deploy a network monitoring stack combining Zeek for protocol analysis and Suricata for intrusion detection, with ELK integration for visualization and...

  • HOWTOFeb 2, 2026

    Python for Security Automation: Essential Scripting

    Learn Python security scripting fundamentals including network scanning, log parsing, hash analysis, API integration, and automated threat detection for...

  • HOWTOJan 22, 2026

    Pi-hole DNS Security: Block Ads, Trackers, and Malware

    Deploy Pi-hole for network-wide ad blocking and DNS security. Includes setup, configuration, upstream DNS options, and integration with encrypted DNS.