Vulnerabilities

Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability

Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability 2026-03-23 at 09:18 By Eduard Kovacs CVE-2026-21992 can be used without authentication for remote code execution and it may have been exploited in the wild.  The post Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability appeared first on SecurityWeek. This article is an excerpt from […]

Oracle Releases Emergency Patch for Critical Identity Manager Vulnerability Read More »

Critical Quest KACE Vulnerability Potentially Exploited in Attacks

Critical Quest KACE Vulnerability Potentially Exploited in Attacks 2026-03-21 at 13:00 By Eduard Kovacs The vulnerability is tracked as CVE-2025-32975 and it may have been exploited in attacks against the education sector. The post Critical Quest KACE Vulnerability Potentially Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Critical Quest KACE Vulnerability Potentially Exploited in Attacks Read More »

Critical Langflow Vulnerability Exploited Hours After Public Disclosure

Critical Langflow Vulnerability Exploited Hours After Public Disclosure 2026-03-20 at 10:42 By Ionut Arghire Because attacker-supplied flow data is used in public flows, the bug leads to unauthenticated remote code execution. The post Critical Langflow Vulnerability Exploited Hours After Public Disclosure appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical Langflow Vulnerability Exploited Hours After Public Disclosure Read More »

Fake CAPTCHA Campaign: Inside a Multi-Stage Stealer Assault

Fake CAPTCHA Campaign: Inside a Multi-Stage Stealer Assault 2026-03-19 at 22:28 By Shabtay Barel, Serhii Melnyk, Rodel Mendrez This report expands LevelBlue’s ongoing investigation into a multi-stage fileless malware campaign in which a network of compromised legitimate websites redirects victims to fake CAPTCHA verification pages delivering credential-stealing payloads through a ClickFix social engineering mechanism. This

Fake CAPTCHA Campaign: Inside a Multi-Stage Stealer Assault Read More »

Critical ScreenConnect Vulnerability Exposes Machine Keys

Critical ScreenConnect Vulnerability Exposes Machine Keys 2026-03-19 at 22:27 By Ionut Arghire Latest ScreenConnect version adds encrypted storage and management to prevent unauthorized access to machine keys. The post Critical ScreenConnect Vulnerability Exposes Machine Keys appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical ScreenConnect Vulnerability Exposes Machine Keys Read More »

Russian APT Exploits Zimbra Vulnerability Against Ukraine

Russian APT Exploits Zimbra Vulnerability Against Ukraine 2026-03-19 at 16:53 By Ionut Arghire Insufficient sanitization of CSS content within HTML emails leads to inline script execution when the message is opened in a browser. The post Russian APT Exploits Zimbra Vulnerability Against Ukraine appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Russian APT Exploits Zimbra Vulnerability Against Ukraine Read More »

CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability

CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability 2026-03-19 at 12:02 By Eduard Kovacs The SharePoint remote code execution vulnerability CVE-2026-20963, which Microsoft patched in January, has been exploited in the wild. The post CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability Read More »

Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks

Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks 2026-03-19 at 11:01 By Eduard Kovacs Amazon found evidence that the FMC software vulnerability has been exploited since late January, and found links to Russia. The post Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks appeared first on SecurityWeek. This article is an

Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks Read More »

The Collapse of Predictive Security in the Age of Machine-Speed Attacks

The Collapse of Predictive Security in the Age of Machine-Speed Attacks 2026-03-18 at 21:42 By Kevin Townsend With exploitation of vulnerabilities taking just days, preemptive security must be the new model for defenders. The post The Collapse of Predictive Security in the Age of Machine-Speed Attacks appeared first on SecurityWeek. This article is an excerpt

The Collapse of Predictive Security in the Age of Machine-Speed Attacks Read More »

‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors

‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors 2026-03-18 at 17:54 By Ionut Arghire Targeting six iOS vulnerabilities and leading to full device compromise, the exploit chain is meant for surveillance. The post ‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors appeared first on SecurityWeek. This article is an excerpt from

‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors Read More »

Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch

Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch 2026-03-18 at 12:47 By Eduard Kovacs Meta does not plan on fixing the vulnerability because it involves the use of a modified client application. The post Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch appeared first on SecurityWeek. This article is an excerpt

Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch Read More »

CISA Flags Year-Old Wing FTP Vulnerability as Exploited

CISA Flags Year-Old Wing FTP Vulnerability as Exploited 2026-03-17 at 13:35 By Ionut Arghire Tracked as CVE-2025-47813, the flaw leads to the disclosure of the full local installation path of the application. The post CISA Flags Year-Old Wing FTP Vulnerability as Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

CISA Flags Year-Old Wing FTP Vulnerability as Exploited Read More »

Critical HPE AOS-CX Vulnerability Allows Admin Password Resets

Critical HPE AOS-CX Vulnerability Allows Admin Password Resets 2026-03-14 at 13:02 By Ionut Arghire The vulnerability can be exploited remotely, without authentication, to circumvent existing authentication controls. The post Critical HPE AOS-CX Vulnerability Allows Admin Password Resets appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical HPE AOS-CX Vulnerability Allows Admin Password Resets Read More »

Discover and Exploit: Memory Corruption in CUPS (CVE-2025-61915)

Discover and Exploit: Memory Corruption in CUPS (CVE-2025-61915) 2026-03-13 at 19:32 By Ariel Silver CVE-2025-61915 is a stack based out-of-bound write bug in CUPS. An unauthorized user can modify cupsd.conf and add a malicious IPv6 address. CUPS, the printing stack in Unix, will parse the IPv6 incorrectly causing a stack underflow. This article is an

Discover and Exploit: Memory Corruption in CUPS (CVE-2025-61915) Read More »

Google Paid Out $17 Million in Bug Bounty Rewards in 2025

Google Paid Out $17 Million in Bug Bounty Rewards in 2025 2026-03-13 at 13:16 By Ionut Arghire Google paid over $3.7 million for Chrome vulnerabilities, and more than $3.5 million for cloud security defects. The post Google Paid Out $17 Million in Bug Bounty Rewards in 2025 appeared first on SecurityWeek. This article is an

Google Paid Out $17 Million in Bug Bounty Rewards in 2025 Read More »

Chrome 146 Update Patches Two Exploited Zero-Days

Chrome 146 Update Patches Two Exploited Zero-Days 2026-03-13 at 09:50 By Ionut Arghire The flaws can be exploited to manipulate data and bypass security restrictions, potentially leading to code execution. The post Chrome 146 Update Patches Two Exploited Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Chrome 146 Update Patches Two Exploited Zero-Days Read More »

Cisco Patches High-Severity IOS XR Vulnerabilities

Cisco Patches High-Severity IOS XR Vulnerabilities 2026-03-12 at 15:45 By Ionut Arghire The security defects could lead to denial-of-service (DoS) conditions, command execution, or device takeover. The post Cisco Patches High-Severity IOS XR Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Cisco Patches High-Severity IOS XR Vulnerabilities Read More »

Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks

Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks 2026-03-12 at 14:43 By Ionut Arghire The issue allows attackers to inject SQL queries and extract sensitive information from the database. The post Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks Read More »

Splunk, Zoom Patch Severe Vulnerabilities

Splunk, Zoom Patch Severe Vulnerabilities 2026-03-12 at 14:06 By Ionut Arghire Critical- and high-severity flaws could be exploited to execute arbitrary shell commands or elevate privileges. The post Splunk, Zoom Patch Severe Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Splunk, Zoom Patch Severe Vulnerabilities Read More »

Microsoft Patches 83 Vulnerabilities

Microsoft Patches 83 Vulnerabilities 2026-03-10 at 21:12 By Ionut Arghire Microsoft has fixed a critical vulnerability, but none of the flaws fixed this Patch Tuesday has been exploited in the wild. The post Microsoft Patches 83 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches 83 Vulnerabilities Read More »

Scroll to Top