Vulnerabilities

Trend Micro Patches Critical Apex One Vulnerabilities

Trend Micro Patches Critical Apex One Vulnerabilities 2026-02-26 at 12:27 By Eduard Kovacs TrendAI has fixed eight critical and high-severity issues in Windows and macOS endpoint security products. The post Trend Micro Patches Critical Apex One Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Trend Micro Patches Critical Apex One Vulnerabilities Read More »

Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers

Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers 2026-02-26 at 11:52 By Ionut Arghire Already added to CISA’s KEV catalog, the flaw allows attackers to bypass authentication and gain administrative privileges. The post Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers appeared first on SecurityWeek. This article is an excerpt from

Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers Read More »

SolarWinds Patches Four Critical Serv-U Vulnerabilities

SolarWinds Patches Four Critical Serv-U Vulnerabilities 2026-02-25 at 17:30 By Ionut Arghire The four security defects could be exploited for remote code execution but require administrative privileges. The post SolarWinds Patches Four Critical Serv-U Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

SolarWinds Patches Four Critical Serv-U Vulnerabilities Read More »

VMware Aria Operations Vulnerability Could Allow Remote Code Execution

VMware Aria Operations Vulnerability Could Allow Remote Code Execution 2026-02-24 at 16:42 By Eduard Kovacs Broadcom has patched several vulnerabilities in VMware Aria Operations, including high-severity flaws. The post VMware Aria Operations Vulnerability Could Allow Remote Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

VMware Aria Operations Vulnerability Could Allow Remote Code Execution Read More »

GitHub Issues Abused in Copilot Attack Leading to Repository Takeover

GitHub Issues Abused in Copilot Attack Leading to Repository Takeover 2026-02-24 at 14:26 By Ionut Arghire Attackers can inject malicious instructions in a GitHub Issue that are automatically processed by Copilot when launching a Codespace from that issue. The post GitHub Issues Abused in Copilot Attack Leading to Repository Takeover appeared first on SecurityWeek. This

GitHub Issues Abused in Copilot Attack Leading to Repository Takeover Read More »

Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs

Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs 2026-02-24 at 14:00 By Eduard Kovacs The vulnerability in TeamT5 ThreatSonar Anti-Ransomware was recently added to CISA’s KEV catalog. The post Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs appeared first on SecurityWeek. This article is an

Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs Read More »

Recent SolarWinds Flaws Potentially Exploited as Zero-Days

Recent SolarWinds Flaws Potentially Exploited as Zero-Days 2026-02-09 at 17:42 By Ionut Arghire Vulnerable SolarWinds Web Help Desk instances were exploited in December 2025 for initial access. The post Recent SolarWinds Flaws Potentially Exploited as Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Recent SolarWinds Flaws Potentially Exploited as Zero-Days Read More »

New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog

New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog 2026-02-09 at 11:10 By Kevin Townsend The KEV list is useful but largely misunderstood. KEVology explains what it is, and how best to use it. The post New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s

New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog Read More »

Critical SmarterMail Vulnerability Exploited in Ransomware Attacks

Critical SmarterMail Vulnerability Exploited in Ransomware Attacks 2026-02-06 at 09:54 By Ionut Arghire The security defect allows unauthenticated attackers to execute arbitrary code remotely via malicious HTTP requests. The post Critical SmarterMail Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical SmarterMail Vulnerability Exploited in Ransomware Attacks Read More »

Concerns Raised Over CISA’s Silent Ransomware Updates in KEV Catalog

Concerns Raised Over CISA’s Silent Ransomware Updates in KEV Catalog 2026-02-06 at 08:00 By Eduard Kovacs CISA updated 59 KEV entries in 2025 to specify that the vulnerabilities have been exploited in ransomware attacks. The post Concerns Raised Over CISA’s Silent Ransomware Updates in KEV Catalog appeared first on SecurityWeek. This article is an excerpt

Concerns Raised Over CISA’s Silent Ransomware Updates in KEV Catalog Read More »

VS Code Configs Expose GitHub Codespaces to Attacks

VS Code Configs Expose GitHub Codespaces to Attacks 2026-02-05 at 16:59 By Ionut Arghire VS Code-integrated configuration files are automatically executed in Codespaces when the user opens a repository or pull request. The post VS Code Configs Expose GitHub Codespaces to Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

VS Code Configs Expose GitHub Codespaces to Attacks Read More »

Critical N8n Sandbox Escape Could Lead to Server Compromise

Critical N8n Sandbox Escape Could Lead to Server Compromise 2026-02-05 at 14:02 By Ionut Arghire The vulnerability could allow attackers to execute arbitrary commands and steal credentials and other secrets. The post Critical N8n Sandbox Escape Could Lead to Server Compromise appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical N8n Sandbox Escape Could Lead to Server Compromise Read More »

Cisco, F5 Patch High-Severity Vulnerabilities

Cisco, F5 Patch High-Severity Vulnerabilities 2026-02-05 at 12:06 By Ionut Arghire The security defects can lead to DoS conditions, arbitrary command execution, and privilege escalation. The post Cisco, F5 Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Cisco, F5 Patch High-Severity Vulnerabilities Read More »

Vulnerabilities Allowed Full Compromise of Google Looker Instances

Vulnerabilities Allowed Full Compromise of Google Looker Instances 2026-02-04 at 15:45 By Eduard Kovacs The flaws dubbed LookOut can be exploited for remote code execution and data exfiltration. The post Vulnerabilities Allowed Full Compromise of Google Looker Instances appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Vulnerabilities Allowed Full Compromise of Google Looker Instances Read More »

DockerDash Flaw in Docker AI Assistant Leads to RCE, Data Theft

DockerDash Flaw in Docker AI Assistant Leads to RCE, Data Theft 2026-02-04 at 13:48 By Ionut Arghire The critical vulnerability exists in the contextual trust in MCP Gateway architecture, as instructions are passed without validation. The post DockerDash Flaw in Docker AI Assistant Leads to RCE, Data Theft appeared first on SecurityWeek. This article is

DockerDash Flaw in Docker AI Assistant Leads to RCE, Data Theft Read More »

Cryptominers, Reverse Shells Dropped in Recent React2Shell Attacks

Cryptominers, Reverse Shells Dropped in Recent React2Shell Attacks 2026-02-04 at 12:02 By Ionut Arghire Two IP addresses accounted for the majority of the 1.4 million exploitation attempts observed over the past week. The post Cryptominers, Reverse Shells Dropped in Recent React2Shell Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Cryptominers, Reverse Shells Dropped in Recent React2Shell Attacks Read More »

Fresh SolarWinds Vulnerability Exploited in Attacks

Fresh SolarWinds Vulnerability Exploited in Attacks 2026-02-04 at 11:56 By Ionut Arghire The critical-severity SolarWinds Web Help Desk flaw could lead to unauthenticated remote code execution. The post Fresh SolarWinds Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fresh SolarWinds Vulnerability Exploited in Attacks Read More »

Security Analysis of Moltbook Agent Network: Bot-to-Bot Prompt Injection and Data Leaks

Security Analysis of Moltbook Agent Network: Bot-to-Bot Prompt Injection and Data Leaks 2026-02-04 at 10:47 By Eduard Kovacs Wiz and Permiso have analyzed the AI agent social network and found serious security issues and threats. The post Security Analysis of Moltbook Agent Network: Bot-to-Bot Prompt Injection and Data Leaks appeared first on SecurityWeek. This article

Security Analysis of Moltbook Agent Network: Bot-to-Bot Prompt Injection and Data Leaks Read More »

Critical React Native Vulnerability Exploited in the Wild

Critical React Native Vulnerability Exploited in the Wild 2026-02-03 at 16:01 By Ionut Arghire Albeit mainly considered a theoretical risk, the flaw has been exploited to disable protections and deliver malware. The post Critical React Native Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical React Native Vulnerability Exploited in the Wild Read More »

Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability 

Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability  2026-02-03 at 15:15 By Eduard Kovacs The attacks targeting Europe were analyzed by Ukraine’s CERT-UA and the cybersecurity company Zscaler. The post Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability  Read More »

Scroll to Top