exploited

Organizations Warned of Exploited Joomla Extension Vulnerabilities

Organizations Warned of Exploited Joomla Extension Vulnerabilities 2026-07-13 at 12:08 By Ionut Arghire Threat actors have been targeting Balbooa Forms and iCagenda Joomla extension flaws for remote code execution. The post Organizations Warned of Exploited Joomla Extension Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Organizations Warned of Exploited Joomla Extension Vulnerabilities Read More »

BlueHammer Vulnerability Exploited in Ransomware Attacks

BlueHammer Vulnerability Exploited in Ransomware Attacks 2026-06-30 at 16:56 By Eduard Kovacs The Microsoft Defender vulnerability CVE-2026-33825 was exploited in the wild as a zero-day before patches were released. The post BlueHammer Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

BlueHammer Vulnerability Exploited in Ransomware Attacks Read More »

Exploitation of Recent Oracle E-Business Suite Vulnerability Begins

Exploitation of Recent Oracle E-Business Suite Vulnerability Begins 2026-06-30 at 14:29 By Ionut Arghire The critical-severity defect allows unauthenticated attackers to take over the E-Business Suite’s Payments product. The post Exploitation of Recent Oracle E-Business Suite Vulnerability Begins appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Exploitation of Recent Oracle E-Business Suite Vulnerability Begins Read More »

Critical SimpleHelp Vulnerability Exploited for Malware Delivery

Critical SimpleHelp Vulnerability Exploited for Malware Delivery 2026-06-30 at 11:43 By Ionut Arghire The threat actor is focused on collecting credentials, SSH keys, cryptocurrency wallets, and development tooling. The post Critical SimpleHelp Vulnerability Exploited for Malware Delivery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical SimpleHelp Vulnerability Exploited for Malware Delivery Read More »

First-Ever Exploitation of PTC Windchill Vulnerability Discovered in the Wild

First-Ever Exploitation of PTC Windchill Vulnerability Discovered in the Wild 2026-06-26 at 11:15 By Eduard Kovacs CISA has added the remote code execution flaw CVE-2026-12569 to its Known Exploited Vulnerabilities catalog. The post First-Ever Exploitation of PTC Windchill Vulnerability Discovered in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

First-Ever Exploitation of PTC Windchill Vulnerability Discovered in the Wild Read More »

Lantronix Serial-to-IP Converter Flaw Exploited in Attacks After OT Threat Warning

Lantronix Serial-to-IP Converter Flaw Exploited in Attacks After OT Threat Warning 2026-06-25 at 14:23 By Eduard Kovacs The exploited flaw, CVE-2025-67038, is one of the vulnerabilities disclosed in April as part of the BRIDGE:BREAK research project. The post Lantronix Serial-to-IP Converter Flaw Exploited in Attacks After OT Threat Warning appeared first on SecurityWeek. This article

Lantronix Serial-to-IP Converter Flaw Exploited in Attacks After OT Threat Warning Read More »

Cisco SD-WAN Zero-Day Exploited Months Before Patching

Cisco SD-WAN Zero-Day Exploited Months Before Patching 2026-06-25 at 09:08 By Eduard Kovacs CVE-2026-20245, the 7th Cisco SD-WAN vulnerability exploited in 2026, was used for months prior to its disclosure and patching. The post Cisco SD-WAN Zero-Day Exploited Months Before Patching appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Cisco SD-WAN Zero-Day Exploited Months Before Patching Read More »

Critical Ubiquiti Vulnerabilities in Attackers’ Crosshairs

Critical Ubiquiti Vulnerabilities in Attackers’ Crosshairs 2026-06-24 at 15:32 By Ionut Arghire The flaws allow remote, unauthenticated attackers to make system changes, access underlying accounts, and inject commands. The post Critical Ubiquiti Vulnerabilities in Attackers’ Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical Ubiquiti Vulnerabilities in Attackers’ Crosshairs Read More »

Hackers Exploiting Cisco Unified CM Vulnerability

Hackers Exploiting Cisco Unified CM Vulnerability 2026-06-24 at 08:44 By Eduard Kovacs Cisco noted that a PoC had been available for CVE-2026-20230 when it announced patches in early June. The post Hackers Exploiting Cisco Unified CM Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Hackers Exploiting Cisco Unified CM Vulnerability Read More »

Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data

Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data 2026-06-22 at 14:45 By Ionut Arghire Vulnerable WordPress plugin iterations leak API keys, secrets, tokens, server information, and other data. The post Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data Read More »

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure 2026-06-19 at 07:10 By Eduard Kovacs CISA has given federal agencies only three days to patch CVE-2026-20253, which can be exploited for unauthenticated remote code execution. The post Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure appeared first on SecurityWeek. This article is an excerpt

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure Read More »

Joomla, LiteSpeed Vulnerabilities Exploited in Attacks

Joomla, LiteSpeed Vulnerabilities Exploited in Attacks 2026-06-17 at 10:28 By Ionut Arghire The flaws allow attackers to execute arbitrary PHP code and gain root privileges on shared hosting servers. The post Joomla, LiteSpeed Vulnerabilities Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Joomla, LiteSpeed Vulnerabilities Exploited in Attacks Read More »

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs 2026-06-17 at 09:53 By Eduard Kovacs SOCRadar has detected 30,000 compromised Fortinet firewalls that expose networks to hacking.  The post 3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs Read More »

Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks

Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks 2026-06-16 at 09:20 By Eduard Kovacs Cisco recently became aware of the exploitation of CVE-2026-20262, a Catalyst SD-WAN Manager zero-day that allows arbitrary file write. The post Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks Read More »

Ivanti Sentry Exploitation Attempts Hitting Honeypots

Ivanti Sentry Exploitation Attempts Hitting Honeypots 2026-06-12 at 12:44 By Ionut Arghire The critical-severity OS command injection vulnerability allows attackers to execute arbitrary code with root privileges. The post Ivanti Sentry Exploitation Attempts Hitting Honeypots appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Ivanti Sentry Exploitation Attempts Hitting Honeypots Read More »

Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters

Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters 2026-06-12 at 09:44 By Eduard Kovacs Oracle has mitigated CVE-2026-35273, but it has not publicly confirmed the vulnerability’s in-the-wild exploitation. The post Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters Read More »

Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks

Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks 2026-06-11 at 16:57 By Eduard Kovacs Oracle has released a patch for CVE-2026-35273, but it has not said whether it’s a zero-day exploited in ShinyHunters attacks. The post Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks appeared first on SecurityWeek. This article is an excerpt

Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks Read More »

Hackers Exploit Langflow Vulnerability for Remote Code Execution

Hackers Exploit Langflow Vulnerability for Remote Code Execution 2026-06-11 at 14:52 By Ionut Arghire Disclosed in March, the security defect enables unauthenticated attackers to write files to arbitrary locations on the system. The post Hackers Exploit Langflow Vulnerability for Remote Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Hackers Exploit Langflow Vulnerability for Remote Code Execution Read More »

Microsoft Patches Exploited Exchange Server Vulnerability

Microsoft Patches Exploited Exchange Server Vulnerability 2026-06-11 at 11:18 By Eduard Kovacs The company warned about zero-day attacks exploiting the Exchange Server vulnerability CVE-2026-42897 on May 14.  The post Microsoft Patches Exploited Exchange Server Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches Exploited Exchange Server Vulnerability Read More »

ServiceNow Patches Vulnerability Exploited Against Some Customers

ServiceNow Patches Vulnerability Exploited Against Some Customers 2026-06-10 at 14:22 By Eduard Kovacs The company updated hosted customer instances to patch a security issue it reportedly had known about since April 7. The post ServiceNow Patches Vulnerability Exploited Against Some Customers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

ServiceNow Patches Vulnerability Exploited Against Some Customers Read More »

Scroll to Top