exploited

Fortinet Patches Exploited FortiCloud SSO Authentication Bypass

Fortinet Patches Exploited FortiCloud SSO Authentication Bypass 2026-01-28 at 10:17 By Ionut Arghire Tracked as CVE-2026-24858, the bug allows attackers to log into devices registered to other FortiCloud accounts. The post Fortinet Patches Exploited FortiCloud SSO Authentication Bypass appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fortinet Patches Exploited FortiCloud SSO Authentication Bypass Read More »

Organizations Warned of Exploited Linux Vulnerabilities

Organizations Warned of Exploited Linux Vulnerabilities 2026-01-27 at 12:47 By Ionut Arghire The flaws allow threat actors to obtain root privileges or bypass authentication via Telnet and gain shell access as root. The post Organizations Warned of Exploited Linux Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Organizations Warned of Exploited Linux Vulnerabilities Read More »

Microsoft Patches Office Zero-Day Likely Exploited in Targeted Attacks

Microsoft Patches Office Zero-Day Likely Exploited in Targeted Attacks 2026-01-27 at 11:06 By Eduard Kovacs The vulnerability is tracked as CVE-2026-21509 and it can be exploited to bypass security features.  The post Microsoft Patches Office Zero-Day Likely Exploited in Targeted Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches Office Zero-Day Likely Exploited in Targeted Attacks Read More »

2024 VMware Flaw Now in Attackers’ Crosshairs

2024 VMware Flaw Now in Attackers’ Crosshairs 2026-01-26 at 07:36 By Ionut Arghire The critical-severity vulnerability can be exploited via crafted network packets for remote code execution. The post 2024 VMware Flaw Now in Attackers’ Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

2024 VMware Flaw Now in Attackers’ Crosshairs Read More »

Fortinet Confirms FortiCloud SSO Exploitation Against Patched Devices

Fortinet Confirms FortiCloud SSO Exploitation Against Patched Devices 2026-01-23 at 16:05 By Ionut Arghire Similar to recent FortiCloud single sign-on (SSO) login vulnerabilities, the attacks bypass authentication. The post Fortinet Confirms FortiCloud SSO Exploitation Against Patched Devices appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fortinet Confirms FortiCloud SSO Exploitation Against Patched Devices Read More »

Organizations Warned of Exploited Zimbra Collaboration Vulnerability

Organizations Warned of Exploited Zimbra Collaboration Vulnerability 2026-01-23 at 15:31 By Ionut Arghire CISA has added the Zimbra flaw to the KEV catalog along with three other bugs exploited in the wild. The post Organizations Warned of Exploited Zimbra Collaboration Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Organizations Warned of Exploited Zimbra Collaboration Vulnerability Read More »

Fresh SmarterMail Flaw Exploited for Admin Access

Fresh SmarterMail Flaw Exploited for Admin Access 2026-01-23 at 12:46 By Ionut Arghire The exploitation of the authentication bypass vulnerability started two days after patches were released. The post Fresh SmarterMail Flaw Exploited for Admin Access appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fresh SmarterMail Flaw Exploited for Admin Access Read More »

New Wave of Attacks Targeting FortiGate Firewalls

New Wave of Attacks Targeting FortiGate Firewalls 2026-01-22 at 14:41 By Ionut Arghire Hackers bypass the FortiCloud SSO login authentication to create new accounts and change device configurations. The post New Wave of Attacks Targeting FortiGate Firewalls appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

New Wave of Attacks Targeting FortiGate Firewalls Read More »

Cisco Patches Vulnerability Exploited by Chinese Hackers

Cisco Patches Vulnerability Exploited by Chinese Hackers 2026-01-16 at 11:54 By Ionut Arghire UAT-9686 exploited the bug to deploy the AquaShell backdoor on Cisco appliances with certain ports open to the internet. The post Cisco Patches Vulnerability Exploited by Chinese Hackers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Cisco Patches Vulnerability Exploited by Chinese Hackers Read More »

Microsoft Patches Exploited Windows Zero-Day, 111 Other Vulnerabilities

Microsoft Patches Exploited Windows Zero-Day, 111 Other Vulnerabilities 2026-01-13 at 21:52 By Eduard Kovacs Two vulnerabilities patched this month by Microsoft were disclosed publicly before fixes were released. The post Microsoft Patches Exploited Windows Zero-Day, 111 Other Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches Exploited Windows Zero-Day, 111 Other Vulnerabilities Read More »

Critical HPE OneView Vulnerability Exploited in Attacks

Critical HPE OneView Vulnerability Exploited in Attacks 2026-01-08 at 13:20 By Ionut Arghire The maximum-severity code injection flaw can be exploited without authentication for remote code execution. The post Critical HPE OneView Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical HPE OneView Vulnerability Exploited in Attacks Read More »

Hackers Exploit Zero-Day in Discontinued D-Link Devices

Hackers Exploit Zero-Day in Discontinued D-Link Devices 2026-01-07 at 14:34 By Ionut Arghire The critical-severity vulnerability allows unauthenticated, remote attackers to execute arbitrary shell commands. The post Hackers Exploit Zero-Day in Discontinued D-Link Devices appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Hackers Exploit Zero-Day in Discontinued D-Link Devices Read More »

RondoDox Botnet Exploiting React2Shell Vulnerability

RondoDox Botnet Exploiting React2Shell Vulnerability 2026-01-02 at 14:42 By Ionut Arghire In December, the botnet’s operators focused on weaponizing the flaw to compromise vulnerable Next.js servers. The post RondoDox Botnet Exploiting React2Shell Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

RondoDox Botnet Exploiting React2Shell Vulnerability Read More »

Adobe ColdFusion Servers Targeted in Coordinated Campaign

Adobe ColdFusion Servers Targeted in Coordinated Campaign 2026-01-02 at 14:42 By Ionut Arghire GreyNoise has observed thousands of requests targeting a dozen vulnerabilities in Adobe ColdFusion during the Christmas 2025 holiday. The post Adobe ColdFusion Servers Targeted in Coordinated Campaign appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Adobe ColdFusion Servers Targeted in Coordinated Campaign Read More »

Fortinet Warns of New Attacks Exploiting Old Vulnerability

Fortinet Warns of New Attacks Exploiting Old Vulnerability 2025-12-29 at 15:05 By Ionut Arghire Tracked as CVE-2020-12812, the exploited FortiOS flaw allows threat actors to bypass two-factor authentication. The post Fortinet Warns of New Attacks Exploiting Old Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fortinet Warns of New Attacks Exploiting Old Vulnerability Read More »

Fresh MongoDB Vulnerability Exploited in Attacks

Fresh MongoDB Vulnerability Exploited in Attacks 2025-12-29 at 12:02 By Ionut Arghire Dubbed MongoBleed, the high-severity flaw allows unauthenticated, remote attackers to leak sensitive information from MongoDB servers. The post Fresh MongoDB Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fresh MongoDB Vulnerability Exploited in Attacks Read More »

WatchGuard Patches Firebox Zero-Day Exploited in the Wild

WatchGuard Patches Firebox Zero-Day Exploited in the Wild 2025-12-22 at 15:09 By Ionut Arghire The critical-severity bug in the Fireware OS’s iked process leads to unauthenticated remote code execution. The post WatchGuard Patches Firebox Zero-Day Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

WatchGuard Patches Firebox Zero-Day Exploited in the Wild Read More »

CISA Warns of Exploited Flaw in Asus Update Tool

CISA Warns of Exploited Flaw in Asus Update Tool 2025-12-18 at 15:37 By Ionut Arghire Tracked as CVE-2025-59374, the issue is a software backdoor implanted in Asus Live Update in a supply chain attack. The post CISA Warns of Exploited Flaw in Asus Update Tool appeared first on SecurityWeek. This article is an excerpt from

CISA Warns of Exploited Flaw in Asus Update Tool Read More »

SonicWall Patches Exploited SMA 1000 Zero-Day

SonicWall Patches Exploited SMA 1000 Zero-Day 2025-12-18 at 11:29 By Ionut Arghire The medium-severity flaw has been exploited in combination with a critical bug for remote code execution. The post SonicWall Patches Exploited SMA 1000 Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

SonicWall Patches Exploited SMA 1000 Zero-Day Read More »

China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear

China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear 2025-12-18 at 09:18 By Eduard Kovacs The critical zero-day is tracked as CVE-2025-20393 and it impacts Secure Email Gateway and Secure Email and Web Manager appliances. The post China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear Read More »

Scroll to Top