CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List 2026-03-06 at 15:38 By Ionut Arghire The nation-state-grade iOS exploit kit targets 23 vulnerabilities affecting iOS 13 to 17.2.1. The post CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View […]
CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List Read More »
Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises 2026-03-05 at 17:10 By Eduard Kovacs Less than half of the total zero-days have been attributed to a threat actor, but spyware vendors and China are in the lead. The post Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises appeared first on SecurityWeek.
Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises Read More »
Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild 2026-03-05 at 14:27 By Eduard Kovacs The networking giant has added the recently patched CVE-2026-20128 and CVE-2026-20122 to the list of exploited vulnerabilities. The post Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild appeared first on SecurityWeek. This article is an
Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild Read More »
VMware Aria Operations Vulnerability Exploited in the Wild 2026-03-04 at 09:28 By Eduard Kovacs The recently patched CVE-2026-22719 can be exploited by an unauthenticated attacker for remote code execution. The post VMware Aria Operations Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
VMware Aria Operations Vulnerability Exploited in the Wild Read More »
Android Update Patches Exploited Qualcomm Zero-Day 2026-03-03 at 15:07 By Ionut Arghire An integer overflow or wraparound in the Qualcomm graphics component, the bug leads to memory corruption. The post Android Update Patches Exploited Qualcomm Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Android Update Patches Exploited Qualcomm Zero-Day Read More »
900 Sangoma FreePBX Instances Infected With Web Shells 2026-02-27 at 15:38 By Ionut Arghire The attacks exploited a post-authentication command injection vulnerability in the endpoint manager’s interface. The post 900 Sangoma FreePBX Instances Infected With Web Shells appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
900 Sangoma FreePBX Instances Infected With Web Shells Read More »
Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers 2026-02-26 at 11:52 By Ionut Arghire Already added to CISA’s KEV catalog, the flaw allows attackers to bypass authentication and gain administrative privileges. The post Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers appeared first on SecurityWeek. This article is an excerpt from
Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers Read More »
Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs 2026-02-24 at 14:00 By Eduard Kovacs The vulnerability in TeamT5 ThreatSonar Anti-Ransomware was recently added to CISA’s KEV catalog. The post Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs appeared first on SecurityWeek. This article is an
Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs Read More »
SmarterTools Hit by Ransomware via Vulnerability in Its Own Product 2026-02-09 at 17:42 By Ionut Arghire SmarterTools says customers were impacted after hackers compromised a data center used for quality control testing. The post SmarterTools Hit by Ransomware via Vulnerability in Its Own Product appeared first on SecurityWeek. This article is an excerpt from SecurityWeek
SmarterTools Hit by Ransomware via Vulnerability in Its Own Product Read More »
Recent SolarWinds Flaws Potentially Exploited as Zero-Days 2026-02-09 at 17:42 By Ionut Arghire Vulnerable SolarWinds Web Help Desk instances were exploited in December 2025 for initial access. The post Recent SolarWinds Flaws Potentially Exploited as Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Recent SolarWinds Flaws Potentially Exploited as Zero-Days Read More »
Critical SmarterMail Vulnerability Exploited in Ransomware Attacks 2026-02-06 at 09:54 By Ionut Arghire The security defect allows unauthenticated attackers to execute arbitrary code remotely via malicious HTTP requests. The post Critical SmarterMail Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Critical SmarterMail Vulnerability Exploited in Ransomware Attacks Read More »
Cryptominers, Reverse Shells Dropped in Recent React2Shell Attacks 2026-02-04 at 12:02 By Ionut Arghire Two IP addresses accounted for the majority of the 1.4 million exploitation attempts observed over the past week. The post Cryptominers, Reverse Shells Dropped in Recent React2Shell Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original
Cryptominers, Reverse Shells Dropped in Recent React2Shell Attacks Read More »
Fresh SolarWinds Vulnerability Exploited in Attacks 2026-02-04 at 11:56 By Ionut Arghire The critical-severity SolarWinds Web Help Desk flaw could lead to unauthenticated remote code execution. The post Fresh SolarWinds Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Fresh SolarWinds Vulnerability Exploited in Attacks Read More »
Critical React Native Vulnerability Exploited in the Wild 2026-02-03 at 16:01 By Ionut Arghire Albeit mainly considered a theoretical risk, the flaw has been exploited to disable protections and deliver malware. The post Critical React Native Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Critical React Native Vulnerability Exploited in the Wild Read More »
Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability 2026-02-03 at 15:15 By Eduard Kovacs The attacks targeting Europe were analyzed by Ukraine’s CERT-UA and the cybersecurity company Zscaler. The post Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability Read More »
Ivanti Patches Exploited EPMM Zero-Days 2026-01-30 at 10:33 By Eduard Kovacs The critical-severity vulnerabilities could allow unauthenticated attackers to execute arbitrary code remotely. The post Ivanti Patches Exploited EPMM Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Ivanti Patches Exploited EPMM Zero-Days Read More »
APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability 2026-01-28 at 12:06 By Ionut Arghire Russian and Chinese state-sponsored threat actors have been exploiting CVE-2025-8088 since July 2025. The post APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability Read More »
Fortinet Patches Exploited FortiCloud SSO Authentication Bypass 2026-01-28 at 10:17 By Ionut Arghire Tracked as CVE-2026-24858, the bug allows attackers to log into devices registered to other FortiCloud accounts. The post Fortinet Patches Exploited FortiCloud SSO Authentication Bypass appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Fortinet Patches Exploited FortiCloud SSO Authentication Bypass Read More »
Organizations Warned of Exploited Linux Vulnerabilities 2026-01-27 at 12:47 By Ionut Arghire The flaws allow threat actors to obtain root privileges or bypass authentication via Telnet and gain shell access as root. The post Organizations Warned of Exploited Linux Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Organizations Warned of Exploited Linux Vulnerabilities Read More »
Microsoft Patches Office Zero-Day Likely Exploited in Targeted Attacks 2026-01-27 at 11:06 By Eduard Kovacs The vulnerability is tracked as CVE-2026-21509 and it can be exploited to bypass security features. The post Microsoft Patches Office Zero-Day Likely Exploited in Targeted Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Microsoft Patches Office Zero-Day Likely Exploited in Targeted Attacks Read More »