Vulnerabilities

Adobe Patches Critical ColdFusion, Campaign Classic Vulnerabilities

Adobe Patches Critical ColdFusion, Campaign Classic Vulnerabilities 2026-07-01 at 14:27 By Ionut Arghire Seven of the security defects have a maximum severity rating of 10/10 and could lead to arbitrary code execution. The post Adobe Patches Critical ColdFusion, Campaign Classic Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Adobe Patches Critical ColdFusion, Campaign Classic Vulnerabilities Read More »

Citrix Patches NetScaler Vulnerabilities, Including New ‘HTTP/2 Bomb’ Attack

Citrix Patches NetScaler Vulnerabilities, Including New ‘HTTP/2 Bomb’ Attack 2026-07-01 at 14:20 By Ionut Arghire Citrix urges customers to patch NetScaler after fixing six vulnerabilities, including the HTTP/2 Bomb flaw and a high-severity CitrixBleed-style information disclosure bug. The post Citrix Patches NetScaler Vulnerabilities, Including New ‘HTTP/2 Bomb’ Attack appeared first on SecurityWeek. This article is

Citrix Patches NetScaler Vulnerabilities, Including New ‘HTTP/2 Bomb’ Attack Read More »

Apple Patches Dozens of Vulnerabilities Across iOS, macOS, and Safari

Apple Patches Dozens of Vulnerabilities Across iOS, macOS, and Safari 2026-07-01 at 12:30 By Ionut Arghire The updates fix vulnerabilities in WebKit, the kernel, WebRTC, Web Extensions, and other components affecting iPhone, iPad, Mac, and Safari users. The post Apple Patches Dozens of Vulnerabilities Across iOS, macOS, and Safari appeared first on SecurityWeek. This article

Apple Patches Dozens of Vulnerabilities Across iOS, macOS, and Safari Read More »

BlueHammer Vulnerability Exploited in Ransomware Attacks

BlueHammer Vulnerability Exploited in Ransomware Attacks 2026-06-30 at 16:56 By Eduard Kovacs The Microsoft Defender vulnerability CVE-2026-33825 was exploited in the wild as a zero-day before patches were released. The post BlueHammer Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

BlueHammer Vulnerability Exploited in Ransomware Attacks Read More »

Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks

Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks 2026-06-30 at 16:00 By Kevin Townsend Decades-old Bash shell tricks can bypass safeguards in most open source AI coding agents, potentially turning malicious repositories into supply chain attack vectors. The post Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks appeared first

Decades-Old Bash Tricks Expose AI Coding Agents to Supply Chain Attacks Read More »

Exploitation of Recent Oracle E-Business Suite Vulnerability Begins

Exploitation of Recent Oracle E-Business Suite Vulnerability Begins 2026-06-30 at 14:29 By Ionut Arghire The critical-severity defect allows unauthenticated attackers to take over the E-Business Suite’s Payments product. The post Exploitation of Recent Oracle E-Business Suite Vulnerability Begins appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Exploitation of Recent Oracle E-Business Suite Vulnerability Begins Read More »

Critical SimpleHelp Vulnerability Exploited for Malware Delivery

Critical SimpleHelp Vulnerability Exploited for Malware Delivery 2026-06-30 at 11:43 By Ionut Arghire The threat actor is focused on collecting credentials, SSH keys, cryptocurrency wallets, and development tooling. The post Critical SimpleHelp Vulnerability Exploited for Malware Delivery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical SimpleHelp Vulnerability Exploited for Malware Delivery Read More »

New Controller Flaws Expose Highway Signs and Billboards to Remote Hacking

New Controller Flaws Expose Highway Signs and Billboards to Remote Hacking 2026-06-30 at 08:04 By Eduard Kovacs CISA has published an advisory to inform organizations about three vulnerabilities found by a researcher in Daktronics controllers. The post New Controller Flaws Expose Highway Signs and Billboards to Remote Hacking appeared first on SecurityWeek. This article is

New Controller Flaws Expose Highway Signs and Billboards to Remote Hacking Read More »

‘DirtyClone’ Linux Kernel Vulnerability Leads to Root Access

‘DirtyClone’ Linux Kernel Vulnerability Leads to Root Access 2026-06-29 at 14:20 By Ionut Arghire A variant of DirtyFrag, the flaw allows unprivileged local users to manipulate the Linux page cache and gain root privileges. The post ‘DirtyClone’ Linux Kernel Vulnerability Leads to Root Access appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

‘DirtyClone’ Linux Kernel Vulnerability Leads to Root Access Read More »

Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories

Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories 2026-06-26 at 18:23 By Eduard Kovacs AWS has patched the vulnerability and published its own advisory to inform customers about the potential impact.  The post Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories appeared first on SecurityWeek. This article is an excerpt from

Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories Read More »

Lantronix Serial-to-IP Converter Flaw Exploited in Attacks After OT Threat Warning

Lantronix Serial-to-IP Converter Flaw Exploited in Attacks After OT Threat Warning 2026-06-25 at 14:23 By Eduard Kovacs The exploited flaw, CVE-2025-67038, is one of the vulnerabilities disclosed in April as part of the BRIDGE:BREAK research project. The post Lantronix Serial-to-IP Converter Flaw Exploited in Attacks After OT Threat Warning appeared first on SecurityWeek. This article

Lantronix Serial-to-IP Converter Flaw Exploited in Attacks After OT Threat Warning Read More »

GitLab Patches Code Execution, Information Disclosure Vulnerabilities

GitLab Patches Code Execution, Information Disclosure Vulnerabilities 2026-06-25 at 14:10 By Ionut Arghire The latest GitLab CE/EE updates address 13 vulnerabilities, including three high-severity defects. The post GitLab Patches Code Execution, Information Disclosure Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

GitLab Patches Code Execution, Information Disclosure Vulnerabilities Read More »

Chrome 149 Update Resolves 18 Severe Vulnerabilities

Chrome 149 Update Resolves 18 Severe Vulnerabilities 2026-06-25 at 10:56 By Ionut Arghire More than half of the bugs are use-after-free defects, which can potentially lead to remote code execution. The post Chrome 149 Update Resolves 18 Severe Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Chrome 149 Update Resolves 18 Severe Vulnerabilities Read More »

Cisco SD-WAN Zero-Day Exploited Months Before Patching

Cisco SD-WAN Zero-Day Exploited Months Before Patching 2026-06-25 at 09:08 By Eduard Kovacs CVE-2026-20245, the 7th Cisco SD-WAN vulnerability exploited in 2026, was used for months prior to its disclosure and patching. The post Cisco SD-WAN Zero-Day Exploited Months Before Patching appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Cisco SD-WAN Zero-Day Exploited Months Before Patching Read More »

Exclusive: Meet AIVEX, a New Triage Model Built to Reduce Supply Chain Threat and Risk

Exclusive: Meet AIVEX, a New Triage Model Built to Reduce Supply Chain Threat and Risk 2026-06-24 at 17:30 By Kevin Townsend The new framework seeks to help security teams identify which software supply chain vulnerabilities pose the greatest operational, safety, and business risks in AI-driven environments. The post Exclusive: Meet AIVEX, a New Triage Model

Exclusive: Meet AIVEX, a New Triage Model Built to Reduce Supply Chain Threat and Risk Read More »

LokiBot After a Decade: An Analysis of a Recent LokiBot Campaign

LokiBot After a Decade: An Analysis of a Recent LokiBot Campaign 2026-06-24 at 16:43 By Dawid Nesterowicz In Norse mythology, Loki, the god of mischief, has powerful and deceptive transformation abilities. True to its namesake, the malware LokiBot has appeared in numerous variants and payload formats since its discovery more than a decade ago. In

LokiBot After a Decade: An Analysis of a Recent LokiBot Campaign Read More »

Critical Ubiquiti Vulnerabilities in Attackers’ Crosshairs

Critical Ubiquiti Vulnerabilities in Attackers’ Crosshairs 2026-06-24 at 15:32 By Ionut Arghire The flaws allow remote, unauthenticated attackers to make system changes, access underlying accounts, and inject commands. The post Critical Ubiquiti Vulnerabilities in Attackers’ Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical Ubiquiti Vulnerabilities in Attackers’ Crosshairs Read More »

Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking

Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking 2026-06-24 at 13:55 By Ionut Arghire The security defects allow unauthenticated users to take control of the open source software supply chain. The post Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking Read More »

Scroll to Top