Vulnerabilities

RabbitMQ Vulnerability Threatens Enterprise Systems

RabbitMQ Vulnerability Threatens Enterprise Systems 2026-07-13 at 15:00 By Ionut Arghire Unauthenticated attackers could obtain the broker’s confidential OAuth client secret, allowing them to take control of the broker. The post RabbitMQ Vulnerability Threatens Enterprise Systems appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

RabbitMQ Vulnerability Threatens Enterprise Systems Read More »

Zimbra Patches Critical Code Execution Vulnerability

Zimbra Patches Critical Code Execution Vulnerability 2026-07-13 at 13:03 By Ionut Arghire The flaw results in malicious code embedded in crafted emails being executed when the emails are opened. The post Zimbra Patches Critical Code Execution Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Zimbra Patches Critical Code Execution Vulnerability Read More »

Organizations Warned of Exploited Joomla Extension Vulnerabilities

Organizations Warned of Exploited Joomla Extension Vulnerabilities 2026-07-13 at 12:08 By Ionut Arghire Threat actors have been targeting Balbooa Forms and iCagenda Joomla extension flaws for remote code execution. The post Organizations Warned of Exploited Joomla Extension Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Organizations Warned of Exploited Joomla Extension Vulnerabilities Read More »

Progress Prompts ShareFile Storage Zone Controller Shutdown Amid Security Concerns

Progress Prompts ShareFile Storage Zone Controller Shutdown Amid Security Concerns 2026-07-13 at 11:20 By Ionut Arghire The company notified customers to manually shut down their servers while it is investigating a credible threat. The post Progress Prompts ShareFile Storage Zone Controller Shutdown Amid Security Concerns appeared first on SecurityWeek. This article is an excerpt from

Progress Prompts ShareFile Storage Zone Controller Shutdown Amid Security Concerns Read More »

Hiding in the Chain: Multi-Stage LNK Attack Leveraging TON Blockchain to Deliver Node.JS Backdoor

Hiding in the Chain: Multi-Stage LNK Attack Leveraging TON Blockchain to Deliver Node.JS Backdoor 2026-07-10 at 23:49 By Nathaniel Morales The LevelBlue Managed Threat Research team investigated a security alert in a customer environment involving a malicious ZIP file containing a Windows shortcut (.lnk) used for initial execution. When triggered, the LNK file executes a

Hiding in the Chain: Multi-Stage LNK Attack Leveraging TON Blockchain to Deliver Node.JS Backdoor Read More »

Hiding in the Chain: Multi-Stage LNK Attack Leveraging TON Blockchain to Deliver Node.JS Backdoor

Hiding in the Chain: Multi-Stage LNK Attack Leveraging TON Blockchain to Deliver Node.JS Backdoor 2026-07-09 at 16:52 By Nathaniel Morales The LevelBlue Managed Threat Research team investigated a security alert in a customer environment involving a malicious ZIP file containing a Windows shortcut (.lnk) used for initial execution. When triggered, the LNK file executes a

Hiding in the Chain: Multi-Stage LNK Attack Leveraging TON Blockchain to Deliver Node.JS Backdoor Read More »

Palo Alto Networks Patches 13 Vulnerabilities

Palo Alto Networks Patches 13 Vulnerabilities 2026-07-09 at 16:49 By Eduard Kovacs Buffer overflow, DoS, command injection, SSRF, authentication bypass, and other types of vulnerabilities have been found in PAN-OS software. The post Palo Alto Networks Patches 13 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Palo Alto Networks Patches 13 Vulnerabilities Read More »

15-Year-Old Linux Vulnerability ‘GhostLock’ Earns Researchers $92k From Google

15-Year-Old Linux Vulnerability ‘GhostLock’ Earns Researchers $92k From Google 2026-07-09 at 14:52 By Ionut Arghire Affecting every major distribution since 2011, the Linux kernel vulnerability allows attackers to gain root access. The post 15-Year-Old Linux Vulnerability ‘GhostLock’ Earns Researchers $92k From Google appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

15-Year-Old Linux Vulnerability ‘GhostLock’ Earns Researchers $92k From Google Read More »

Microsoft Patches Defender ‘RoguePlanet’ Vulnerability

Microsoft Patches Defender ‘RoguePlanet’ Vulnerability 2026-07-09 at 13:28 By Eduard Kovacs The privilege escalation vulnerability tracked as CVE-2026-50656 has been patched with a Microsoft Malware Protection Engine update. The post Microsoft Patches Defender ‘RoguePlanet’ Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches Defender ‘RoguePlanet’ Vulnerability Read More »

Chrome 150 Update Patches 27 Vulnerabilities

Chrome 150 Update Patches 27 Vulnerabilities 2026-07-09 at 10:27 By Ionut Arghire The security refresh resolves 13 use-after-free bugs, including two critical-severity flaws found by Google. The post Chrome 150 Update Patches 27 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Chrome 150 Update Patches 27 Vulnerabilities Read More »

Unpatched Backdoor in Tenda Firmware Grants Admin Access to Devices

Unpatched Backdoor in Tenda Firmware Grants Admin Access to Devices 2026-07-09 at 08:00 By Ionut Arghire Tracked as CVE-2026-11405, the vulnerability allows unauthenticated attackers to access a device’s web management interface. The post Unpatched Backdoor in Tenda Firmware Grants Admin Access to Devices appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Unpatched Backdoor in Tenda Firmware Grants Admin Access to Devices Read More »

CISA Urges Immediate Patching of Exploited ColdFusion, Langflow, Joomla Flaws

CISA Urges Immediate Patching of Exploited ColdFusion, Langflow, Joomla Flaws 2026-07-08 at 13:45 By Ionut Arghire Two newly disclosed critical vulnerabilities in Adobe ColdFusion and Langflow join two Joomla extension flaws in CISA’s Known Exploited Vulnerabilities catalog, with federal agencies given until July 10 to patch. The post CISA Urges Immediate Patching of Exploited ColdFusion,

CISA Urges Immediate Patching of Exploited ColdFusion, Langflow, Joomla Flaws Read More »

Critical Vulnerability Exposes GitHub Agentic Workflows to Prompt Injection

Critical Vulnerability Exposes GitHub Agentic Workflows to Prompt Injection 2026-07-08 at 13:30 By Ionut Arghire Researchers show how attackers can use a crafted public GitHub Issue to trick AI-powered workflows into exposing data from private repositories without authentication. The post Critical Vulnerability Exposes GitHub Agentic Workflows to Prompt Injection appeared first on SecurityWeek. This article

Critical Vulnerability Exposes GitHub Agentic Workflows to Prompt Injection Read More »

Critical Gitea Flaw Under Active Exploitation, Researchers Warn

Critical Gitea Flaw Under Active Exploitation, Researchers Warn 2026-07-07 at 20:17 By Ionut Arghire Attackers are exploiting the critical Gitea vulnerability CVE-2026-20896 to bypass authentication with a single HTTP header and access vulnerable repositories and secrets. The post Critical Gitea Flaw Under Active Exploitation, Researchers Warn appeared first on SecurityWeek. This article is an excerpt

Critical Gitea Flaw Under Active Exploitation, Researchers Warn Read More »

Critical Adobe ColdFusion Vulnerability Exploited in Attacks

Critical Adobe ColdFusion Vulnerability Exploited in Attacks 2026-07-07 at 15:38 By Ionut Arghire Hackers are exploiting a recently patched critical vulnerability (CVE-2026-48282) in Adobe ColdFusion that carries a CVSS score of 10/10. The post Critical Adobe ColdFusion Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical Adobe ColdFusion Vulnerability Exploited in Attacks Read More »

Linux Kernel Vulnerability Allows VM Escape on Intel and AMD Systems

Linux Kernel Vulnerability Allows VM Escape on Intel and AMD Systems 2026-07-07 at 13:00 By Ionut Arghire The 16-year-old Januscape flaw affects Linux’s KVM hypervisor, allowing attackers to escape virtual machines and potentially execute code on the underlying host. The post Linux Kernel Vulnerability Allows VM Escape on Intel and AMD Systems appeared first on

Linux Kernel Vulnerability Allows VM Escape on Intel and AMD Systems Read More »

Proof-of-Concept Exploit Released for Linux ‘Bad Epoll’ Root Access Vulnerability

Proof-of-Concept Exploit Released for Linux ‘Bad Epoll’ Root Access Vulnerability 2026-07-06 at 15:48 By Ionut Arghire Organizations are urged to patch after proof-of-concept code makes the Linux root escalation flaw easier to exploit. The post Proof-of-Concept Exploit Released for Linux ‘Bad Epoll’ Root Access Vulnerability appeared first on SecurityWeek. This article is an excerpt from

Proof-of-Concept Exploit Released for Linux ‘Bad Epoll’ Root Access Vulnerability Read More »

Critical Cursor AI Code Editor Flaws Could Lead to OS-Level Remote Code Execution

Critical Cursor AI Code Editor Flaws Could Lead to OS-Level Remote Code Execution 2026-07-03 at 10:57 By Ionut Arghire The DuneSlide vulnerabilities enable zero-click prompt injection attacks that escape Cursor’s sandbox and execute arbitrary code on the underlying operating system. The post Critical Cursor AI Code Editor Flaws Could Lead to OS-Level Remote Code Execution

Critical Cursor AI Code Editor Flaws Could Lead to OS-Level Remote Code Execution Read More »

New CitrixBleed Vulnerability Exploited Immediately After Public Disclosure

New CitrixBleed Vulnerability Exploited Immediately After Public Disclosure 2026-07-02 at 18:04 By Ionut Arghire Hackers are targeting NetScaler appliances using public PoC code to retrieve arbitrary memory content in the HTTP response. The post New CitrixBleed Vulnerability Exploited Immediately After Public Disclosure appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

New CitrixBleed Vulnerability Exploited Immediately After Public Disclosure Read More »

Cisco Confirms In-the-Wild Exploitation of Unified CM Vulnerability

Cisco Confirms In-the-Wild Exploitation of Unified CM Vulnerability 2026-07-02 at 13:48 By Ionut Arghire A PoC exploit has been available since public disclosure, and the first exploitation attempts were observed last week. The post Cisco Confirms In-the-Wild Exploitation of Unified CM Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Cisco Confirms In-the-Wild Exploitation of Unified CM Vulnerability Read More »

Scroll to Top