CISA KEV

Organizations Warned of Exploited Joomla Extension Vulnerabilities

Organizations Warned of Exploited Joomla Extension Vulnerabilities 2026-07-13 at 12:08 By Ionut Arghire Threat actors have been targeting Balbooa Forms and iCagenda Joomla extension flaws for remote code execution. The post Organizations Warned of Exploited Joomla Extension Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Organizations Warned of Exploited Joomla Extension Vulnerabilities Read More »

BlueHammer Vulnerability Exploited in Ransomware Attacks

BlueHammer Vulnerability Exploited in Ransomware Attacks 2026-06-30 at 16:56 By Eduard Kovacs The Microsoft Defender vulnerability CVE-2026-33825 was exploited in the wild as a zero-day before patches were released. The post BlueHammer Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

BlueHammer Vulnerability Exploited in Ransomware Attacks Read More »

Critical SimpleHelp Vulnerability Exploited for Malware Delivery

Critical SimpleHelp Vulnerability Exploited for Malware Delivery 2026-06-30 at 11:43 By Ionut Arghire The threat actor is focused on collecting credentials, SSH keys, cryptocurrency wallets, and development tooling. The post Critical SimpleHelp Vulnerability Exploited for Malware Delivery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical SimpleHelp Vulnerability Exploited for Malware Delivery Read More »

Critical Ubiquiti Vulnerabilities in Attackers’ Crosshairs

Critical Ubiquiti Vulnerabilities in Attackers’ Crosshairs 2026-06-24 at 15:32 By Ionut Arghire The flaws allow remote, unauthenticated attackers to make system changes, access underlying accounts, and inject commands. The post Critical Ubiquiti Vulnerabilities in Attackers’ Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical Ubiquiti Vulnerabilities in Attackers’ Crosshairs Read More »

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure 2026-06-19 at 07:10 By Eduard Kovacs CISA has given federal agencies only three days to patch CVE-2026-20253, which can be exploited for unauthenticated remote code execution. The post Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure appeared first on SecurityWeek. This article is an excerpt

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure Read More »

Joomla, LiteSpeed Vulnerabilities Exploited in Attacks

Joomla, LiteSpeed Vulnerabilities Exploited in Attacks 2026-06-17 at 10:28 By Ionut Arghire The flaws allow attackers to execute arbitrary PHP code and gain root privileges on shared hosting servers. The post Joomla, LiteSpeed Vulnerabilities Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Joomla, LiteSpeed Vulnerabilities Exploited in Attacks Read More »

Ivanti Sentry Exploitation Attempts Hitting Honeypots

Ivanti Sentry Exploitation Attempts Hitting Honeypots 2026-06-12 at 12:44 By Ionut Arghire The critical-severity OS command injection vulnerability allows attackers to execute arbitrary code with root privileges. The post Ivanti Sentry Exploitation Attempts Hitting Honeypots appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Ivanti Sentry Exploitation Attempts Hitting Honeypots Read More »

CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk

CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk 2026-06-11 at 16:01 By Ionut Arghire The new BOD 26-04 requires agencies to review and update vulnerability management policies with a focus on KEV catalog entries. The post CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk appeared first on SecurityWeek. This

CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk Read More »

Organizations Warned of Exploited Linux Kernel Vulnerability

Organizations Warned of Exploited Linux Kernel Vulnerability 2026-06-03 at 14:56 By Ionut Arghire An improper authentication bug allows attackers to escalate their privileges and escape containers. The post Organizations Warned of Exploited Linux Kernel Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Organizations Warned of Exploited Linux Kernel Vulnerability Read More »

Oracle WebLogic Vulnerability Exploited in the Wild

Oracle WebLogic Vulnerability Exploited in the Wild 2026-06-02 at 15:46 By Eduard Kovacs The vulnerability is CVE-2024-21182 and it can be exploited without authentication to hack affected WebLogic servers. The post Oracle WebLogic Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Oracle WebLogic Vulnerability Exploited in the Wild Read More »

CISA Urges Immediate Patching of Exploited LiteSpeed cPanel Plugin Zero-Day

CISA Urges Immediate Patching of Exploited LiteSpeed cPanel Plugin Zero-Day 2026-05-27 at 09:56 By Ionut Arghire Resolved last week, the vulnerability was exploited in the wild as a zero-day to execute scripts with root privileges. The post CISA Urges Immediate Patching of Exploited LiteSpeed cPanel Plugin Zero-Day appeared first on SecurityWeek. This article is an

CISA Urges Immediate Patching of Exploited LiteSpeed cPanel Plugin Zero-Day Read More »

Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities

Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities 2026-04-21 at 15:29 By Ionut Arghire CISA expanded the KEV catalog with eight flaws, but five of them have been flagged as exploited before. The post Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities Read More »

NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software

NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software 2026-04-16 at 15:03 By Ionut Arghire To optimize management of CVE volume, entries that do not meet specific criteria will not be automatically enriched. The post NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software appeared first on SecurityWeek. This article is

NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software Read More »

Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities

Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities 2026-04-14 at 22:26 By Eduard Kovacs Experts say this is the second-largest Microsoft Patch Tuesday ever based on CVE count. The post Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities Read More »

Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities

Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities 2026-04-14 at 12:00 By Ionut Arghire The security defects allow attackers to escalate privileges and execute arbitrary code remotely. The post Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities Read More »

Russian APT Exploits Zimbra Vulnerability Against Ukraine

Russian APT Exploits Zimbra Vulnerability Against Ukraine 2026-03-19 at 16:53 By Ionut Arghire Insufficient sanitization of CSS content within HTML emails leads to inline script execution when the message is opened in a browser. The post Russian APT Exploits Zimbra Vulnerability Against Ukraine appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Russian APT Exploits Zimbra Vulnerability Against Ukraine Read More »

CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability

CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability 2026-03-19 at 12:02 By Eduard Kovacs The SharePoint remote code execution vulnerability CVE-2026-20963, which Microsoft patched in January, has been exploited in the wild. The post CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability Read More »

CISA Flags Year-Old Wing FTP Vulnerability as Exploited

CISA Flags Year-Old Wing FTP Vulnerability as Exploited 2026-03-17 at 13:35 By Ionut Arghire Tracked as CVE-2025-47813, the flaw leads to the disclosure of the full local installation path of the application. The post CISA Flags Year-Old Wing FTP Vulnerability as Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

CISA Flags Year-Old Wing FTP Vulnerability as Exploited Read More »

Recent Ivanti Endpoint Manager Flaw Exploited in Attacks

Recent Ivanti Endpoint Manager Flaw Exploited in Attacks 2026-03-10 at 15:06 By Ionut Arghire CISA has added the high-severity authentication bypass vulnerability to its KEV list, along with SolarWinds and Workspace One bugs. The post Recent Ivanti Endpoint Manager Flaw Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Recent Ivanti Endpoint Manager Flaw Exploited in Attacks Read More »

Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks

Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks 2026-03-06 at 15:38 By Eduard Kovacs The vulnerability was disclosed and mitigated in 2021 but its in-the-wild exploitation has only now come to light. The post Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks Read More »

Scroll to Top