Vulnerabilities

Ivanti Patches Exploited EPMM Zero-Days

Ivanti Patches Exploited EPMM Zero-Days 2026-01-30 at 10:33 By Eduard Kovacs The critical-severity vulnerabilities could allow unauthenticated attackers to execute arbitrary code remotely. The post Ivanti Patches Exploited EPMM Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Ivanti Patches Exploited EPMM Zero-Days Read More »

N8n Vulnerabilities Could Lead to Remote Code Execution

N8n Vulnerabilities Could Lead to Remote Code Execution 2026-01-29 at 17:29 By Ionut Arghire The two bugs impacted n8n’s sandbox mechanism and could be exploited via weaknesses in the AST sanitization logic. The post N8n Vulnerabilities Could Lead to Remote Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

N8n Vulnerabilities Could Lead to Remote Code Execution Read More »

SolarWinds Patches Critical Web Help Desk Vulnerabilities

SolarWinds Patches Critical Web Help Desk Vulnerabilities 2026-01-29 at 15:49 By Ionut Arghire The four critical flaws could be exploited without authentication for remote code execution or authentication bypass. The post SolarWinds Patches Critical Web Help Desk Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

SolarWinds Patches Critical Web Help Desk Vulnerabilities Read More »

APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability

APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability 2026-01-28 at 12:06 By Ionut Arghire Russian and Chinese state-sponsored threat actors have been exploiting CVE-2025-8088 since July 2025. The post APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability Read More »

Fortinet Patches Exploited FortiCloud SSO Authentication Bypass

Fortinet Patches Exploited FortiCloud SSO Authentication Bypass 2026-01-28 at 10:17 By Ionut Arghire Tracked as CVE-2026-24858, the bug allows attackers to log into devices registered to other FortiCloud accounts. The post Fortinet Patches Exploited FortiCloud SSO Authentication Bypass appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fortinet Patches Exploited FortiCloud SSO Authentication Bypass Read More »

High-Severity Remote Code Execution Vulnerability Patched in OpenSSL

High-Severity Remote Code Execution Vulnerability Patched in OpenSSL 2026-01-28 at 09:48 By Eduard Kovacs A total of 12 vulnerabilities have been fixed in OpenSSL, all discovered by a single cybersecurity firm. The post High-Severity Remote Code Execution Vulnerability Patched in OpenSSL appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

High-Severity Remote Code Execution Vulnerability Patched in OpenSSL Read More »

Organizations Warned of Exploited Linux Vulnerabilities

Organizations Warned of Exploited Linux Vulnerabilities 2026-01-27 at 12:47 By Ionut Arghire The flaws allow threat actors to obtain root privileges or bypass authentication via Telnet and gain shell access as root. The post Organizations Warned of Exploited Linux Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Organizations Warned of Exploited Linux Vulnerabilities Read More »

Microsoft Patches Office Zero-Day Likely Exploited in Targeted Attacks

Microsoft Patches Office Zero-Day Likely Exploited in Targeted Attacks 2026-01-27 at 11:06 By Eduard Kovacs The vulnerability is tracked as CVE-2026-21509 and it can be exploited to bypass security features.  The post Microsoft Patches Office Zero-Day Likely Exploited in Targeted Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches Office Zero-Day Likely Exploited in Targeted Attacks Read More »

Access System Flaws Enabled Hackers to Unlock Doors at Major European Firms

Access System Flaws Enabled Hackers to Unlock Doors at Major European Firms 2026-01-26 at 18:51 By Eduard Kovacs More than 20 vulnerabilities were found and patched in Dormakaba physical access control systems. The post Access System Flaws Enabled Hackers to Unlock Doors at Major European Firms appeared first on SecurityWeek. This article is an excerpt

Access System Flaws Enabled Hackers to Unlock Doors at Major European Firms Read More »

2024 VMware Flaw Now in Attackers’ Crosshairs

2024 VMware Flaw Now in Attackers’ Crosshairs 2026-01-26 at 07:36 By Ionut Arghire The critical-severity vulnerability can be exploited via crafted network packets for remote code execution. The post 2024 VMware Flaw Now in Attackers’ Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

2024 VMware Flaw Now in Attackers’ Crosshairs Read More »

Fortinet Confirms FortiCloud SSO Exploitation Against Patched Devices

Fortinet Confirms FortiCloud SSO Exploitation Against Patched Devices 2026-01-23 at 16:05 By Ionut Arghire Similar to recent FortiCloud single sign-on (SSO) login vulnerabilities, the attacks bypass authentication. The post Fortinet Confirms FortiCloud SSO Exploitation Against Patched Devices appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fortinet Confirms FortiCloud SSO Exploitation Against Patched Devices Read More »

Organizations Warned of Exploited Zimbra Collaboration Vulnerability

Organizations Warned of Exploited Zimbra Collaboration Vulnerability 2026-01-23 at 15:31 By Ionut Arghire CISA has added the Zimbra flaw to the KEV catalog along with three other bugs exploited in the wild. The post Organizations Warned of Exploited Zimbra Collaboration Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Organizations Warned of Exploited Zimbra Collaboration Vulnerability Read More »

Infotainment, EV Charger Exploits Earn Hackers $1M at Pwn2Own Automotive 2026

Infotainment, EV Charger Exploits Earn Hackers $1M at Pwn2Own Automotive 2026 2026-01-23 at 13:33 By Eduard Kovacs Pwn2Own participants disclosed a total of 76 vulnerabilities during the three-day event.  The post Infotainment, EV Charger Exploits Earn Hackers $1M at Pwn2Own Automotive 2026 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Infotainment, EV Charger Exploits Earn Hackers $1M at Pwn2Own Automotive 2026 Read More »

Fresh SmarterMail Flaw Exploited for Admin Access

Fresh SmarterMail Flaw Exploited for Admin Access 2026-01-23 at 12:46 By Ionut Arghire The exploitation of the authentication bypass vulnerability started two days after patches were released. The post Fresh SmarterMail Flaw Exploited for Admin Access appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fresh SmarterMail Flaw Exploited for Admin Access Read More »

New Wave of Attacks Targeting FortiGate Firewalls

New Wave of Attacks Targeting FortiGate Firewalls 2026-01-22 at 14:41 By Ionut Arghire Hackers bypass the FortiCloud SSO login authentication to create new accounts and change device configurations. The post New Wave of Attacks Targeting FortiGate Firewalls appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

New Wave of Attacks Targeting FortiGate Firewalls Read More »

Furl Raises $10 Million for Autonomous Vulnerability Remediation

Furl Raises $10 Million for Autonomous Vulnerability Remediation 2026-01-22 at 13:11 By Ionut Arghire The startup will use the new funding to accelerate product development and deepen remediation capabilities. The post Furl Raises $10 Million for Autonomous Vulnerability Remediation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Furl Raises $10 Million for Autonomous Vulnerability Remediation Read More »

Atlassian, GitLab, Zoom Release Security Patches

Atlassian, GitLab, Zoom Release Security Patches 2026-01-22 at 11:49 By Ionut Arghire Fixes were rolled out for over two dozen vulnerabilities, including critical- and high-severity bugs. The post Atlassian, GitLab, Zoom Release Security Patches appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Atlassian, GitLab, Zoom Release Security Patches Read More »

Hackers Targeting Cisco Unified CM Zero-Day 

Hackers Targeting Cisco Unified CM Zero-Day  2026-01-22 at 11:07 By Eduard Kovacs Cisco has released patches for CVE-2026-20045, a critical vulnerability that can be exploited for unauthenticated remote code execution. The post Hackers Targeting Cisco Unified CM Zero-Day  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Hackers Targeting Cisco Unified CM Zero-Day  Read More »

Oracle’s First 2026 CPU Delivers 337 New Security Patches

Oracle’s First 2026 CPU Delivers 337 New Security Patches 2026-01-21 at 12:53 By Ionut Arghire Oracle’s January 2026 CPU resolves roughly 230 unique vulnerabilities across more than 30 products. The post Oracle’s First 2026 CPU Delivers 337 New Security Patches appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Oracle’s First 2026 CPU Delivers 337 New Security Patches Read More »

The AI Authorization Revolution: Why “Who Can Do What” Is the New Security Battleground

The AI Authorization Revolution: Why “Who Can Do What” Is the New Security Battleground 2026-01-20 at 21:37 By Bindu Sundaresan Remember when security was simple? Users had roles. Roles had permissions. Done. Those were the days when your biggest worry was whether someone from marketing accidentally got admin access to the finance system. This article

The AI Authorization Revolution: Why “Who Can Do What” Is the New Security Battleground Read More »

Scroll to Top