Vulnerabilities

Russian APT Exploits Zimbra Vulnerability Against Ukraine

2026-03-19 at 16:53, by Ionut Arghire. Insufficient sanitization of CSS content within HTML emails leads to inline script execution when the message is opened in a browser. First published on SecurityWeek.


CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability

2026-03-19 at 12:02, by Eduard Kovacs. The SharePoint remote code execution vulnerability CVE-2026-20963, which Microsoft patched in January, has been exploited in the wild. First published on SecurityWeek.


Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks

2026-03-19 at 11:01, by Eduard Kovacs. Amazon found evidence that the FMC software vulnerability has been exploited since late January, and found links to Russia. First published on SecurityWeek.


The Collapse of Predictive Security in the Age of Machine-Speed Attacks

2026-03-18 at 21:42, by Kevin Townsend. With exploitation of vulnerabilities taking just days, preemptive security must be the new model for defenders. First published on SecurityWeek.


‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors

2026-03-18 at 17:54, by Ionut Arghire. Targeting six iOS vulnerabilities and leading to full device compromise, the exploit chain is meant for surveillance. First published on SecurityWeek.


Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch

2026-03-18 at 12:47, by Eduard Kovacs. Meta does not plan on fixing the vulnerability because it involves the use of a modified client application. First published on SecurityWeek.


CISA Flags Year-Old Wing FTP Vulnerability as Exploited

2026-03-17 at 13:35, by Ionut Arghire. Tracked as CVE-2025-47813, the flaw leads to the disclosure of the full local installation path of the application. First published on SecurityWeek.


Critical HPE AOS-CX Vulnerability Allows Admin Password Resets

2026-03-14 at 13:02, by Ionut Arghire. The vulnerability can be exploited remotely, without authentication, to circumvent existing authentication controls. First published on SecurityWeek.


Discover and Exploit: Memory Corruption in CUPS (CVE-2025-61915)

2026-03-13 at 19:32, by Ariel Silver. CVE-2025-61915 is a stack-based out-of-bounds write bug in CUPS. An unauthorized user can modify cupsd.conf and add a malicious IPv6 address. CUPS, the printing stack in Unix, will parse the IPv6 address incorrectly, causing a stack underflow.


Google Paid Out $17 Million in Bug Bounty Rewards in 2025

2026-03-13 at 13:16, by Ionut Arghire. Google paid over $3.7 million for Chrome vulnerabilities, and more than $3.5 million for cloud security defects. First published on SecurityWeek.


Chrome 146 Update Patches Two Exploited Zero-Days

2026-03-13 at 09:50, by Ionut Arghire. The flaws can be exploited to manipulate data and bypass security restrictions, potentially leading to code execution. First published on SecurityWeek.


Cisco Patches High-Severity IOS XR Vulnerabilities

2026-03-12 at 15:45, by Ionut Arghire. The security defects could lead to denial-of-service (DoS) conditions, command execution, or device takeover. First published on SecurityWeek.


Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks

2026-03-12 at 14:43, by Ionut Arghire. The issue allows attackers to inject SQL queries and extract sensitive information from the database. First published on SecurityWeek.


Splunk, Zoom Patch Severe Vulnerabilities

2026-03-12 at 14:06, by Ionut Arghire. Critical- and high-severity flaws could be exploited to execute arbitrary shell commands or elevate privileges. First published on SecurityWeek.


Microsoft Patches 83 Vulnerabilities

2026-03-10 at 21:12, by Ionut Arghire. Microsoft has fixed a critical vulnerability, but none of the flaws fixed this Patch Tuesday has been exploited in the wild. First published on SecurityWeek.


Adobe Patches 80 Vulnerabilities Across Eight Products

2026-03-10 at 20:22, by Ionut Arghire. Adobe has rolled out patches for 80 vulnerabilities across 8 products, including Commerce, Illustrator, Acrobat Reader, and Premiere Pro. First published on SecurityWeek.


SAP Patches Critical FS-QUO, NetWeaver Vulnerabilities

2026-03-10 at 16:33, by Ionut Arghire. A code injection bug in FS-QUO and an insecure deserialization flaw in NetWeaver could lead to arbitrary code execution. First published on SecurityWeek.


Recent Ivanti Endpoint Manager Flaw Exploited in Attacks

2026-03-10 at 15:06, by Ionut Arghire. CISA has added the high-severity authentication bypass vulnerability to its KEV list, along with SolarWinds and Workspace One bugs. First published on SecurityWeek.


Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited

2026-03-08 at 14:34, by Eduard Kovacs. WatchTowr reports seeing exploitation attempts for CVE-2026-20127 from numerous unique IP addresses. First published on SecurityWeek.


Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks

2026-03-06 at 15:38, by Eduard Kovacs. The vulnerability was disclosed and mitigated in 2021 but its in-the-wild exploitation has only now come to light. First published on SecurityWeek.

