exploited - Security Ticks

Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data

exploited, Vulnerabilities, vulnerability, WordPress / SecurityTicks

Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data 2026-06-22 at 14:45 By Ionut Arghire Vulnerable WordPress plugin iterations leak API keys, secrets, tokens, server information, and other data. The post Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data appeared first on SecurityWeek. This article is an excerpt from SecurityWeek […]

Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data Read More »

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure

CISA KEV, exploited, Featured, Splunk, Vulnerabilities, vulnerability / SecurityTicks

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure 2026-06-19 at 07:10 By Eduard Kovacs CISA has given federal agencies only three days to patch CVE-2026-20253, which can be exploited for unauthenticated remote code execution. The post Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure appeared first on SecurityWeek. This article is an excerpt

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure Read More »

Joomla, LiteSpeed Vulnerabilities Exploited in Attacks

CISA KEV, cPanel, exploited, Joomla, Vulnerabilities, vulnerability / SecurityTicks

Joomla, LiteSpeed Vulnerabilities Exploited in Attacks 2026-06-17 at 10:28 By Ionut Arghire The flaws allow attackers to execute arbitrary PHP code and gain root privileges on shared hosting servers. The post Joomla, LiteSpeed Vulnerabilities Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Joomla, LiteSpeed Vulnerabilities Exploited in Attacks Read More »

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs

exploited, Featured, FortiBleed, Fortinet, FortiSandbox, Vulnerabilities, vulnerability / SecurityTicks

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs 2026-06-17 at 09:53 By Eduard Kovacs SOCRadar has detected 30,000 compromised Fortinet firewalls that expose networks to hacking. The post 3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs Read More »

Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks

Cisco, exploited, Featured, Network Security, SD-WAN, Vulnerabilities, Zero-Day / SecurityTicks

Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks 2026-06-16 at 09:20 By Eduard Kovacs Cisco recently became aware of the exploitation of CVE-2026-20262, a Catalyst SD-WAN Manager zero-day that allows arbitrary file write. The post Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks Read More »

Ivanti Sentry Exploitation Attempts Hitting Honeypots

CISA KEV, exploited, Ivanti, Vulnerabilities, vulnerability / SecurityTicks

Ivanti Sentry Exploitation Attempts Hitting Honeypots 2026-06-12 at 12:44 By Ionut Arghire The critical-severity OS command injection vulnerability allows attackers to execute arbitrary code with root privileges. The post Ivanti Sentry Exploitation Attempts Hitting Honeypots appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Ivanti Sentry Exploitation Attempts Hitting Honeypots Read More »

Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters

cybercrime, exploited, Featured, Oracle, Oracle PeopleSoft, ShinyHunters, Vulnerabilities, Zero-Day / SecurityTicks

Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters 2026-06-12 at 09:44 By Eduard Kovacs Oracle has mitigated CVE-2026-35273, but it has not publicly confirmed the vulnerability’s in-the-wild exploitation. The post Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters Read More »

Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks

exploited, Oracle, Oracle PeopleSoft, ShinyHunters, Vulnerabilities, Zero-Day / SecurityTicks

Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks 2026-06-11 at 16:57 By Eduard Kovacs Oracle has released a patch for CVE-2026-35273, but it has not said whether it’s a zero-day exploited in ShinyHunters attacks. The post Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks appeared first on SecurityWeek. This article is an excerpt

Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks Read More »

Hackers Exploit Langflow Vulnerability for Remote Code Execution

exploited, Langflow, remote code execution, Vulnerabilities, vulnerability / SecurityTicks

Hackers Exploit Langflow Vulnerability for Remote Code Execution 2026-06-11 at 14:52 By Ionut Arghire Disclosed in March, the security defect enables unauthenticated attackers to write files to arbitrary locations on the system. The post Hackers Exploit Langflow Vulnerability for Remote Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Hackers Exploit Langflow Vulnerability for Remote Code Execution Read More »

Microsoft Patches Exploited Exchange Server Vulnerability

Exchange, exploited, Featured, Microsoft, patch, Vulnerabilities, vulnerability / SecurityTicks

Microsoft Patches Exploited Exchange Server Vulnerability 2026-06-11 at 11:18 By Eduard Kovacs The company warned about zero-day attacks exploiting the Exchange Server vulnerability CVE-2026-42897 on May 14. The post Microsoft Patches Exploited Exchange Server Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches Exploited Exchange Server Vulnerability Read More »

ServiceNow Patches Vulnerability Exploited Against Some Customers

exploited, Featured, ServiceNow, Vulnerabilities, vulnerability / SecurityTicks

ServiceNow Patches Vulnerability Exploited Against Some Customers 2026-06-10 at 14:22 By Eduard Kovacs The company updated hosted customer instances to patch a security issue it reportedly had known about since April 7. The post ServiceNow Patches Vulnerability Exploited Against Some Customers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

ServiceNow Patches Vulnerability Exploited Against Some Customers Read More »

No Patch Planned for Exploited Arista EOS Vulnerability

Arista, exploited, Vulnerabilities, Zero-Day / SecurityTicks

No Patch Planned for Exploited Arista EOS Vulnerability 2026-06-10 at 09:55 By Ionut Arghire Organizations are advised to apply vendor-supplied mitigations or discontinue the vulnerable devices. The post No Patch Planned for Exploited Arista EOS Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

No Patch Planned for Exploited Arista EOS Vulnerability Read More »

Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks

Check Point, exploited, Qilin, Ransomware, VPN, Vulnerabilities, Zero-Day / SecurityTicks

Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks 2026-06-09 at 13:39 By Ionut Arghire The authentication bypass vulnerability allows attackers to establish VPN connections without a valid password. The post Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Check Point VPN Zero-Day Exploited in Qilin Ransomware Attacks Read More »

Google Patches 5th Chrome Zero-Day Exploited in 2026

Chrome, exploited, Featured, Vulnerabilities, Zero-Day / SecurityTicks

Google Patches 5th Chrome Zero-Day Exploited in 2026 2026-06-09 at 09:42 By Eduard Kovacs The vulnerability is tracked as CVE-2026-11645 and it was reported in late April by an anonymous researcher. The post Google Patches 5th Chrome Zero-Day Exploited in 2026 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Google Patches 5th Chrome Zero-Day Exploited in 2026 Read More »

Everest Forms Vulnerability Exploited to Hack WordPress Sites

exploited, Vulnerabilities, vulnerability, WordPress / SecurityTicks

Everest Forms Vulnerability Exploited to Hack WordPress Sites 2026-06-08 at 16:16 By Ionut Arghire The flaw allows attackers to execute arbitrary code remotely and has been exploited in the wild for two months. The post Everest Forms Vulnerability Exploited to Hack WordPress Sites appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Everest Forms Vulnerability Exploited to Hack WordPress Sites Read More »

SolarWinds Serv-U Vulnerability Exploited in the Wild

exploited, SolarWinds, Vulnerabilities, vulnerability / SecurityTicks

SolarWinds Serv-U Vulnerability Exploited in the Wild 2026-06-08 at 13:09 By Ionut Arghire Unauthenticated attackers can exploit the flaw via specially crafted POST requests that crash the Serv-U service. The post SolarWinds Serv-U Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

SolarWinds Serv-U Vulnerability Exploited in the Wild Read More »

Meta Says 20,000 Instagram Accounts Hacked via AI Tool Abuse

Account Takeover, AI, data breach, Data Breaches, exploited, Featured, Instagra, Meta, Vulnerabilities, vulnerability / SecurityTicks

Meta Says 20,000 Instagram Accounts Hacked via AI Tool Abuse 2026-06-08 at 13:09 By Eduard Kovacs The social media giant has informed authorities about the impact of the recent attack involving an account recovery support tool. The post Meta Says 20,000 Instagram Accounts Hacked via AI Tool Abuse appeared first on SecurityWeek. This article is

Meta Says 20,000 Instagram Accounts Hacked via AI Tool Abuse Read More »

Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026

Cisco, exploited, Featured, SD-WAN, Vulnerabilities, Zero-Day / SecurityTicks

Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026 2026-06-05 at 09:23 By Eduard Kovacs The vulnerability is tracked as CVE-2026-20245 and it can allow arbitrary command execution as root, but no patch yet. The post Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026 appeared first on SecurityWeek. This article is an excerpt from

Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026 Read More »

Mirasvit Vulnerability Exploited to Execute Code on Magento Servers

exploited, magento, Vulnerabilities, vulnerability / SecurityTicks

Mirasvit Vulnerability Exploited to Execute Code on Magento Servers 2026-06-04 at 16:06 By Ionut Arghire A flaw in the Full Page Cache Warmer extension can be exploited without authentication via serialized PHP object payloads. The post Mirasvit Vulnerability Exploited to Execute Code on Magento Servers appeared first on SecurityWeek. This article is an excerpt from

Mirasvit Vulnerability Exploited to Execute Code on Magento Servers Read More »

Kirki, Burst Statistics WordPress Plugin Flaws in Attackers’ Crosshairs

exploited, plugin vulnerability, Vulnerabilities, WordPress / SecurityTicks

Kirki, Burst Statistics WordPress Plugin Flaws in Attackers’ Crosshairs 2026-06-03 at 20:19 By Ionut Arghire Threat actors are exploiting vulnerable Kirki and Burst Statistics deployments to elevate privileges and take over websites. The post Kirki, Burst Statistics WordPress Plugin Flaws in Attackers’ Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Kirki, Burst Statistics WordPress Plugin Flaws in Attackers’ Crosshairs Read More »