exploited

Adobe Reader Zero-Day Exploited for Months: Researcher

Adobe Reader Zero-Day Exploited for Months: Researcher 2026-04-09 at 12:00 By Eduard Kovacs Reputable researcher Haifei Li has come across what appears to be a PDF designed to exploit an unpatched vulnerability. The post Adobe Reader Zero-Day Exploited for Months: Researcher appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Adobe Reader Zero-Day Exploited for Months: Researcher Read More »

Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover

Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover 2026-04-08 at 15:06 By Ionut Arghire The vulnerability allows hackers to upload arbitrary files to a site’s server and achieve remote code execution. The post Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover appeared first on SecurityWeek. This article is an

Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover Read More »

Critical Flowise Vulnerability in Attacker Crosshairs

Critical Flowise Vulnerability in Attacker Crosshairs 2026-04-07 at 18:34 By Ionut Arghire The improper validation of user-supplied JavaScript code allows attackers to execute arbitrary code and access the file system. The post Critical Flowise Vulnerability in Attacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical Flowise Vulnerability in Attacker Crosshairs Read More »

TrueConf Zero-Day Exploited in Asian Government Attacks

TrueConf Zero-Day Exploited in Asian Government Attacks 2026-04-03 at 17:52 By Ionut Arghire A Chinese threat actor exploited the video conferencing platform to perform reconnaissance, escalate privileges, and execute additional payloads. The post TrueConf Zero-Day Exploited in Asian Government Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

TrueConf Zero-Day Exploited in Asian Government Attacks Read More »

Apple Rolls Out DarkSword Exploit Protection to More Devices

Apple Rolls Out DarkSword Exploit Protection to More Devices 2026-04-02 at 19:58 By Eduard Kovacs The DarkSword exploit kit has been used by both state-sponsored hackers and commercial spyware vendors. The post Apple Rolls Out DarkSword Exploit Protection to More Devices appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Apple Rolls Out DarkSword Exploit Protection to More Devices Read More »

Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome

Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome 2026-04-01 at 18:46 By Eduard Kovacs Google has announced fixes for CVE-2026-5281, a zero-day affecting Chrome’s Dawn component.  The post Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome Read More »

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins 2026-03-31 at 15:43 By Ionut Arghire The SQL injection vulnerability allows unauthenticated attackers to execute arbitrary code remotely, via crafted HTTP requests. The post Exploitation of Critical Fortinet FortiClient EMS Flaw Begins appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins Read More »

Exploitation of Fresh Citrix NetScaler Vulnerability Begins

Exploitation of Fresh Citrix NetScaler Vulnerability Begins 2026-03-30 at 12:32 By Ionut Arghire The critical-severity flaw leaks application memory and can be exploited to obtain authenticated administrative session IDs. The post Exploitation of Fresh Citrix NetScaler Vulnerability Begins appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Exploitation of Fresh Citrix NetScaler Vulnerability Begins Read More »

F5 BIG-IP DoS Flaw Upgraded to Critical RCE, Now Exploited in the Wild

F5 BIG-IP DoS Flaw Upgraded to Critical RCE, Now Exploited in the Wild 2026-03-30 at 10:37 By Ionut Arghire Initially disclosed as a high-severity denial-of-service (DoS), the bug was reclassified as a critical RCE issue. The post F5 BIG-IP DoS Flaw Upgraded to Critical RCE, Now Exploited in the Wild appeared first on SecurityWeek. This

F5 BIG-IP DoS Flaw Upgraded to Critical RCE, Now Exploited in the Wild Read More »

Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability

Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability 2026-03-23 at 09:18 By Eduard Kovacs CVE-2026-21992 can be used without authentication for remote code execution and it may have been exploited in the wild.  The post Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability appeared first on SecurityWeek. This article is an excerpt from

Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability Read More »

Critical Quest KACE Vulnerability Potentially Exploited in Attacks

Critical Quest KACE Vulnerability Potentially Exploited in Attacks 2026-03-21 at 13:00 By Eduard Kovacs The vulnerability is tracked as CVE-2025-32975 and it may have been exploited in attacks against the education sector. The post Critical Quest KACE Vulnerability Potentially Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Critical Quest KACE Vulnerability Potentially Exploited in Attacks Read More »

Critical Langflow Vulnerability Exploited Hours After Public Disclosure

Critical Langflow Vulnerability Exploited Hours After Public Disclosure 2026-03-20 at 10:42 By Ionut Arghire Because attacker-supplied flow data is used in public flows, the bug leads to unauthenticated remote code execution. The post Critical Langflow Vulnerability Exploited Hours After Public Disclosure appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical Langflow Vulnerability Exploited Hours After Public Disclosure Read More »

Russian APT Exploits Zimbra Vulnerability Against Ukraine

Russian APT Exploits Zimbra Vulnerability Against Ukraine 2026-03-19 at 16:53 By Ionut Arghire Insufficient sanitization of CSS content within HTML emails leads to inline script execution when the message is opened in a browser. The post Russian APT Exploits Zimbra Vulnerability Against Ukraine appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Russian APT Exploits Zimbra Vulnerability Against Ukraine Read More »

CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability

CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability 2026-03-19 at 12:02 By Eduard Kovacs The SharePoint remote code execution vulnerability CVE-2026-20963, which Microsoft patched in January, has been exploited in the wild. The post CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability Read More »

Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks

Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks 2026-03-19 at 11:01 By Eduard Kovacs Amazon found evidence that the FMC software vulnerability has been exploited since late January, and found links to Russia. The post Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks appeared first on SecurityWeek. This article is an

Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks Read More »

Autonomous Offensive Security Firm XBOW Raises $120M at $1B+ Valuation

Autonomous Offensive Security Firm XBOW Raises $120M at $1B+ Valuation 2026-03-18 at 20:02 By SecurityWeek News The company has developed an AI-powered platform that autonomously discovers and validates software vulnerabilities. The post Autonomous Offensive Security Firm XBOW Raises $120M at $1B+ Valuation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Autonomous Offensive Security Firm XBOW Raises $120M at $1B+ Valuation Read More »

CISA Flags Year-Old Wing FTP Vulnerability as Exploited

CISA Flags Year-Old Wing FTP Vulnerability as Exploited 2026-03-17 at 13:35 By Ionut Arghire Tracked as CVE-2025-47813, the flaw leads to the disclosure of the full local installation path of the application. The post CISA Flags Year-Old Wing FTP Vulnerability as Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

CISA Flags Year-Old Wing FTP Vulnerability as Exploited Read More »

Chrome 146 Update Patches Two Exploited Zero-Days

Chrome 146 Update Patches Two Exploited Zero-Days 2026-03-13 at 09:50 By Ionut Arghire The flaws can be exploited to manipulate data and bypass security restrictions, potentially leading to code execution. The post Chrome 146 Update Patches Two Exploited Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Chrome 146 Update Patches Two Exploited Zero-Days Read More »

Recent Ivanti Endpoint Manager Flaw Exploited in Attacks

Recent Ivanti Endpoint Manager Flaw Exploited in Attacks 2026-03-10 at 15:06 By Ionut Arghire CISA has added the high-severity authentication bypass vulnerability to its KEV list, along with SolarWinds and Workspace One bugs. The post Recent Ivanti Endpoint Manager Flaw Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Recent Ivanti Endpoint Manager Flaw Exploited in Attacks Read More »

Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited

Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited 2026-03-08 at 14:34 By Eduard Kovacs WatchTowr reports seeing exploitation attempts for CVE-2026-20127 from numerous unique IP addresses. The post Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited Read More »

Scroll to Top