exploited

Recent Ivanti Endpoint Manager Flaw Exploited in Attacks

Recent Ivanti Endpoint Manager Flaw Exploited in Attacks 2026-03-10 at 15:06 By Ionut Arghire CISA has added the high-severity authentication bypass vulnerability to its KEV list, along with SolarWinds and Workspace One bugs. The post Recent Ivanti Endpoint Manager Flaw Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View […]

Recent Ivanti Endpoint Manager Flaw Exploited in Attacks Read More »

Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited

Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited 2026-03-08 at 14:34 By Eduard Kovacs WatchTowr reports seeing exploitation attempts for CVE-2026-20127 from numerous unique IP addresses. The post Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited Read More »

Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks

Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks 2026-03-06 at 15:38 By Eduard Kovacs The vulnerability was disclosed and mitigated in 2021 but its in-the-wild exploitation has only now come to light. The post Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks Read More »

CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List

CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List 2026-03-06 at 15:38 By Ionut Arghire The nation-state-grade iOS exploit kit targets 23 vulnerabilities affecting iOS 13 to 17.2.1. The post CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List Read More »

Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises

Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises 2026-03-05 at 17:10 By Eduard Kovacs Less than half of the total zero-days have been attributed to a threat actor, but spyware vendors and China are in the lead.  The post Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises appeared first on SecurityWeek.

Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises Read More »

Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild

Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild 2026-03-05 at 14:27 By Eduard Kovacs The networking giant has added the recently patched CVE-2026-20128 and CVE-2026-20122 to the list of exploited vulnerabilities. The post Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild appeared first on SecurityWeek. This article is an

Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild Read More »

VMware Aria Operations Vulnerability Exploited in the Wild

VMware Aria Operations Vulnerability Exploited in the Wild 2026-03-04 at 09:28 By Eduard Kovacs The recently patched CVE-2026-22719 can be exploited by an unauthenticated attacker for remote code execution.  The post VMware Aria Operations Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

VMware Aria Operations Vulnerability Exploited in the Wild Read More »

Android Update Patches Exploited Qualcomm Zero-Day

Android Update Patches Exploited Qualcomm Zero-Day 2026-03-03 at 15:07 By Ionut Arghire An integer overflow or wraparound in the Qualcomm graphics component, the bug leads to memory corruption. The post Android Update Patches Exploited Qualcomm Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Android Update Patches Exploited Qualcomm Zero-Day Read More »

900 Sangoma FreePBX Instances Infected With Web Shells

900 Sangoma FreePBX Instances Infected With Web Shells 2026-02-27 at 15:38 By Ionut Arghire The attacks exploited a post-authentication command injection vulnerability in the endpoint manager’s interface. The post 900 Sangoma FreePBX Instances Infected With Web Shells appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

900 Sangoma FreePBX Instances Infected With Web Shells Read More »

Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers

Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers 2026-02-26 at 11:52 By Ionut Arghire Already added to CISA’s KEV catalog, the flaw allows attackers to bypass authentication and gain administrative privileges. The post Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers appeared first on SecurityWeek. This article is an excerpt from

Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers Read More »

Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs

Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs 2026-02-24 at 14:00 By Eduard Kovacs The vulnerability in TeamT5 ThreatSonar Anti-Ransomware was recently added to CISA’s KEV catalog. The post Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs appeared first on SecurityWeek. This article is an

Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs Read More »

SmarterTools Hit by Ransomware via Vulnerability in Its Own Product

SmarterTools Hit by Ransomware via Vulnerability in Its Own Product 2026-02-09 at 17:42 By Ionut Arghire SmarterTools says customers were impacted after hackers compromised a data center used for quality control testing. The post SmarterTools Hit by Ransomware via Vulnerability in Its Own Product appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

SmarterTools Hit by Ransomware via Vulnerability in Its Own Product Read More »

Recent SolarWinds Flaws Potentially Exploited as Zero-Days

Recent SolarWinds Flaws Potentially Exploited as Zero-Days 2026-02-09 at 17:42 By Ionut Arghire Vulnerable SolarWinds Web Help Desk instances were exploited in December 2025 for initial access. The post Recent SolarWinds Flaws Potentially Exploited as Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Recent SolarWinds Flaws Potentially Exploited as Zero-Days Read More »

Critical SmarterMail Vulnerability Exploited in Ransomware Attacks

Critical SmarterMail Vulnerability Exploited in Ransomware Attacks 2026-02-06 at 09:54 By Ionut Arghire The security defect allows unauthenticated attackers to execute arbitrary code remotely via malicious HTTP requests. The post Critical SmarterMail Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical SmarterMail Vulnerability Exploited in Ransomware Attacks Read More »

Cryptominers, Reverse Shells Dropped in Recent React2Shell Attacks

Cryptominers, Reverse Shells Dropped in Recent React2Shell Attacks 2026-02-04 at 12:02 By Ionut Arghire Two IP addresses accounted for the majority of the 1.4 million exploitation attempts observed over the past week. The post Cryptominers, Reverse Shells Dropped in Recent React2Shell Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Cryptominers, Reverse Shells Dropped in Recent React2Shell Attacks Read More »

Fresh SolarWinds Vulnerability Exploited in Attacks

Fresh SolarWinds Vulnerability Exploited in Attacks 2026-02-04 at 11:56 By Ionut Arghire The critical-severity SolarWinds Web Help Desk flaw could lead to unauthenticated remote code execution. The post Fresh SolarWinds Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fresh SolarWinds Vulnerability Exploited in Attacks Read More »

Critical React Native Vulnerability Exploited in the Wild

Critical React Native Vulnerability Exploited in the Wild 2026-02-03 at 16:01 By Ionut Arghire Albeit mainly considered a theoretical risk, the flaw has been exploited to disable protections and deliver malware. The post Critical React Native Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical React Native Vulnerability Exploited in the Wild Read More »

Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability 

Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability  2026-02-03 at 15:15 By Eduard Kovacs The attacks targeting Europe were analyzed by Ukraine’s CERT-UA and the cybersecurity company Zscaler. The post Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability  Read More »

Ivanti Patches Exploited EPMM Zero-Days

Ivanti Patches Exploited EPMM Zero-Days 2026-01-30 at 10:33 By Eduard Kovacs The critical-severity vulnerabilities could allow unauthenticated attackers to execute arbitrary code remotely. The post Ivanti Patches Exploited EPMM Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Ivanti Patches Exploited EPMM Zero-Days Read More »

APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability

APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability 2026-01-28 at 12:06 By Ionut Arghire Russian and Chinese state-sponsored threat actors have been exploiting CVE-2025-8088 since July 2025. The post APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability Read More »

Scroll to Top