CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List 2026-03-06 at 15:38 By Ionut Arghire The nation-state-grade iOS exploit kit targets 23 vulnerabilities affecting iOS 13 to 17.2.1. The post CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View […]
CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List Read More »
Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises 2026-03-05 at 17:10 By Eduard Kovacs Less than half of the total zero-days have been attributed to a threat actor, but spyware vendors and China are in the lead. The post Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises appeared first on SecurityWeek.
Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises Read More »
Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild 2026-03-05 at 14:27 By Eduard Kovacs The networking giant has added the recently patched CVE-2026-20128 and CVE-2026-20122 to the list of exploited vulnerabilities. The post Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild appeared first on SecurityWeek. This article is an
Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild Read More »
Cisco Patches Critical Vulnerabilities in Enterprise Networking Products 2026-03-05 at 10:51 By Ionut Arghire Cisco has rolled out patches for 48 vulnerabilities in Firewall ASA, Secure FMC, and Secure FTD products. The post Cisco Patches Critical Vulnerabilities in Enterprise Networking Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Cisco Patches Critical Vulnerabilities in Enterprise Networking Products Read More »
VMware Aria Operations Vulnerability Exploited in the Wild 2026-03-04 at 09:28 By Eduard Kovacs The recently patched CVE-2026-22719 can be exploited by an unauthenticated attacker for remote code execution. The post VMware Aria Operations Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
VMware Aria Operations Vulnerability Exploited in the Wild Read More »
Android Update Patches Exploited Qualcomm Zero-Day 2026-03-03 at 15:07 By Ionut Arghire An integer overflow or wraparound in the Qualcomm graphics component, the bug leads to memory corruption. The post Android Update Patches Exploited Qualcomm Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Android Update Patches Exploited Qualcomm Zero-Day Read More »
Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise 2026-03-03 at 13:58 By Ionut Arghire Improper input sanitization in the framework can be exploited through the Shell tool, allowing attackers to modify system files and steal data. The post Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise appeared first on SecurityWeek. This
Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise Read More »
Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant 2026-03-02 at 17:46 By Ionut Arghire Malicious extensions could hijack the Gemini Live in Chrome feature to spy on users and steal their files. The post Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original
Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant Read More »
OpenClaw Vulnerability Allowed Websites to Hijack AI Agents 2026-03-02 at 16:57 By Ionut Arghire Malicious websites could open a WebSocket connection to localhost on the OpenClaw gateway port, brute force passwords, and take control of the agent. The post OpenClaw Vulnerability Allowed Websites to Hijack AI Agents appeared first on SecurityWeek. This article is an
OpenClaw Vulnerability Allowed Websites to Hijack AI Agents Read More »
LevelBlue SpiderLabs: APAC Emerges as Primary Target for Manufacturing Cyberattacks 2026-02-28 at 10:37 By The manufacturing sector faces a 793% surge in cyberattacks, with APAC manufacturers being the primary targets worldwide. Sophisticated threat actors—including Lazarus Group, APT41, and Russian ransomware affiliates—are driving a wave of ransomware and cyber espionage campaigns against manufacturers. Ransomware and cyber
LevelBlue SpiderLabs: APAC Emerges as Primary Target for Manufacturing Cyberattacks Read More »
900 Sangoma FreePBX Instances Infected With Web Shells 2026-02-27 at 15:38 By Ionut Arghire The attacks exploited a post-authentication command injection vulnerability in the endpoint manager’s interface. The post 900 Sangoma FreePBX Instances Infected With Web Shells appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
900 Sangoma FreePBX Instances Infected With Web Shells Read More »
Juniper Networks PTX Routers Affected by Critical Vulnerability 2026-02-27 at 12:47 By Eduard Kovacs An out-of-band security update for Junos OS Evolved patches the remote code execution vulnerability CVE-2026-21902. The post Juniper Networks PTX Routers Affected by Critical Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Juniper Networks PTX Routers Affected by Critical Vulnerability Read More »
Claude Code Flaws Exposed Developer Devices to Silent Hacking 2026-02-26 at 19:37 By Eduard Kovacs Anthropic has patched vulnerabilities whose impact was demonstrated by Check Point via malicious configuration files. The post Claude Code Flaws Exposed Developer Devices to Silent Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Claude Code Flaws Exposed Developer Devices to Silent Hacking Read More »
Zyxel Patches Critical Vulnerability in Many Device Models 2026-02-26 at 14:40 By Ionut Arghire The issue impacts the UPnP function of multiple device models and could be exploited for remote code execution. The post Zyxel Patches Critical Vulnerability in Many Device Models appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original
Zyxel Patches Critical Vulnerability in Many Device Models Read More »
Trend Micro Patches Critical Apex One Vulnerabilities 2026-02-26 at 12:27 By Eduard Kovacs TrendAI has fixed eight critical and high-severity issues in Windows and macOS endpoint security products. The post Trend Micro Patches Critical Apex One Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Trend Micro Patches Critical Apex One Vulnerabilities Read More »
Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers 2026-02-26 at 11:52 By Ionut Arghire Already added to CISA’s KEV catalog, the flaw allows attackers to bypass authentication and gain administrative privileges. The post Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers appeared first on SecurityWeek. This article is an excerpt from
Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers Read More »
SolarWinds Patches Four Critical Serv-U Vulnerabilities 2026-02-25 at 17:30 By Ionut Arghire The four security defects could be exploited for remote code execution but require administrative privileges. The post SolarWinds Patches Four Critical Serv-U Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
SolarWinds Patches Four Critical Serv-U Vulnerabilities Read More »
VMware Aria Operations Vulnerability Could Allow Remote Code Execution 2026-02-24 at 16:42 By Eduard Kovacs Broadcom has patched several vulnerabilities in VMware Aria Operations, including high-severity flaws. The post VMware Aria Operations Vulnerability Could Allow Remote Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
VMware Aria Operations Vulnerability Could Allow Remote Code Execution Read More »
GitHub Issues Abused in Copilot Attack Leading to Repository Takeover 2026-02-24 at 14:26 By Ionut Arghire Attackers can inject malicious instructions in a GitHub Issue that are automatically processed by Copilot when launching a Codespace from that issue. The post GitHub Issues Abused in Copilot Attack Leading to Repository Takeover appeared first on SecurityWeek. This
GitHub Issues Abused in Copilot Attack Leading to Repository Takeover Read More »
Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs 2026-02-24 at 14:00 By Eduard Kovacs The vulnerability in TeamT5 ThreatSonar Anti-Ransomware was recently added to CISA’s KEV catalog. The post Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs appeared first on SecurityWeek. This article is an
Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs Read More »