Vulnerabilities - Security Ticks

In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested

Government, In Other News, Vulnerabilities / SecurityTicks

In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested 2026-04-17 at 16:30 By SecurityWeek News Other noteworthy stories that might have slipped under the radar: ShinyHunters targets Rockstar Games, ShowDoc vulnerability exploited in the wild, and EPA to boost cybersecurity budget to $19 million. The post In Other News: Satellite Cybersecurity Act, […]

In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested Read More »

Recent Apache ActiveMQ Vulnerability Exploited in the Wild

Apache, Apache ActiveMQ, exploited, Vulnerabilities, vulnerability / SecurityTicks

Recent Apache ActiveMQ Vulnerability Exploited in the Wild 2026-04-17 at 14:32 By Eduard Kovacs The remote code execution vulnerability tracked as CVE-2026-34197 came to light in early April. The post Recent Apache ActiveMQ Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Recent Apache ActiveMQ Vulnerability Exploited in the Wild Read More »

Cursor AI Vulnerability Exposed Developer Devices

AI, Artificial Intelligence, Cursor, Vulnerabilities, vulnerability / SecurityTicks

Cursor AI Vulnerability Exposed Developer Devices 2026-04-17 at 10:30 By Ionut Arghire An indirect prompt injection could be chained with a sandbox bypass and Cursor’s remote tunnel feature for shell access to machines. The post Cursor AI Vulnerability Exposed Developer Devices appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Cursor AI Vulnerability Exposed Developer Devices Read More »

Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest

AI, bug bounty program, Cloud, hacking competition, Microsoft, Vulnerabilities, vulnerability, Zero Day Quest / SecurityTicks

Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest 2026-04-16 at 15:03 By Eduard Kovacs Researchers found more than 80 high-impact cloud and AI vulnerabilities during the event, which had a $5 million prize pool. The post Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest appeared first on

Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest Read More »

Splunk Enterprise Update Patches Code Execution Vulnerability

Splunk, Vulnerabilities, vulnerability / SecurityTicks

Splunk Enterprise Update Patches Code Execution Vulnerability 2026-04-16 at 15:03 By Ionut Arghire The flaw allows low-privileged users to upload files to a temporary directory to achieve remote code execution. The post Splunk Enterprise Update Patches Code Execution Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Splunk Enterprise Update Patches Code Execution Vulnerability Read More »

NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software

CISA KEV, enrichment, NIST, NVD, Vulnerabilities, vulnerability / SecurityTicks

NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software 2026-04-16 at 15:03 By Ionut Arghire To optimize management of CVE volume, entries that do not meet specific criteria will not be automatically enriched. The post NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software appeared first on SecurityWeek. This article is

NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software Read More »

Cisco Patches Critical Vulnerabilities in Webex, ISE

Cisco, patches, Vulnerabilities, vulnerability / SecurityTicks

Cisco Patches Critical Vulnerabilities in Webex, ISE 2026-04-16 at 13:07 By Ionut Arghire The flaws can be exploited remotely to impersonate users or execute arbitrary commands on the underlying OS. The post Cisco Patches Critical Vulnerabilities in Webex, ISE appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Cisco Patches Critical Vulnerabilities in Webex, ISE Read More »

Exploited Vulnerability Exposes Nginx Servers to Hacking

exploited, Nginx, Nginx UI, Vulnerabilities, vulnerability / SecurityTicks

Exploited Vulnerability Exposes Nginx Servers to Hacking 2026-04-15 at 17:48 By Eduard Kovacs Hackers are exploiting CVE-2026-33032, a critical remote takeover vulnerability in the Nginx UI management tool. The post Exploited Vulnerability Exposes Nginx Servers to Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Exploited Vulnerability Exposes Nginx Servers to Hacking Read More »

‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks

AI, Artificial Intelligence, Featured, MCP, Vulnerabilities, vulnerability / SecurityTicks

‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks 2026-04-15 at 16:34 By Kevin Townsend Researchers warn that a flaw in Anthropic’s Model Context Protocol allows unsanitized commands to execute silently, enabling full system compromise across widely used AI environments. The post ‘By Design’ Flaw in MCP Could Enable Widespread AI Supply

‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks Read More »

Two Vulnerabilities Patched in Ivanti Neurons for ITSM

Ivanti, Vulnerabilities, vulnerability / SecurityTicks

Two Vulnerabilities Patched in Ivanti Neurons for ITSM 2026-04-15 at 16:07 By Ionut Arghire The flaws could allow a remote attacker to maintain access after their account has been disabled and to access information from other user sessions. The post Two Vulnerabilities Patched in Ivanti Neurons for ITSM appeared first on SecurityWeek. This article is

Two Vulnerabilities Patched in Ivanti Neurons for ITSM Read More »

Fortinet Patches Critical FortiSandbox Vulnerabilities

Fortinet, patches, Vulnerabilities, vulnerability / SecurityTicks

Fortinet Patches Critical FortiSandbox Vulnerabilities 2026-04-15 at 14:29 By Ionut Arghire The flaws could allow attackers to bypass authentication or execute arbitrary code or commands via HTTP requests. The post Fortinet Patches Critical FortiSandbox Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fortinet Patches Critical FortiSandbox Vulnerabilities Read More »

Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities

CISA KEV, exploited, Microsoft, Patch Tuesday, SharePoint, Vulnerabilities, Zero-Day / SecurityTicks

Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities 2026-04-14 at 22:26 By Eduard Kovacs Experts say this is the second-largest Microsoft Patch Tuesday ever based on CVE count. The post Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities Read More »

Adobe Patches 55 Vulnerabilities Across 11 Products

Adobe, Patch Tuesday, patches, Vulnerabilities / SecurityTicks

Adobe Patches 55 Vulnerabilities Across 11 Products 2026-04-14 at 20:09 By Eduard Kovacs Critical ColdFusion vulnerabilities are the most at risk of being exploited in attacks, according to the software giant. The post Adobe Patches 55 Vulnerabilities Across 11 Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Adobe Patches 55 Vulnerabilities Across 11 Products Read More »

‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI Threats

AI, Artificial Intelligence, attacks, CISO, Featured, Mythos, Vulnerabilities / SecurityTicks

‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI Threats 2026-04-14 at 16:21 By Kevin Townsend CISOs face a shrinking window to prepare as AI models like Mythos collapse the gap between vulnerability discovery and exploitation, driving a new era of high-velocity cyberattacks. The post ‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated

‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI Threats Read More »

SAP Patches Critical ABAP Vulnerability

patch, SAP, Vulnerabilities, vulnerability / SecurityTicks

SAP Patches Critical ABAP Vulnerability 2026-04-14 at 14:28 By Ionut Arghire The company has released 19 new security notes addressing flaws in over a dozen enterprise products. The post SAP Patches Critical ABAP Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

SAP Patches Critical ABAP Vulnerability Read More »

Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities

acrobat, Adobe, CISA KEV, exploited, Vulnerabilities, Windows / SecurityTicks

Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities 2026-04-14 at 12:00 By Ionut Arghire The security defects allow attackers to escalate privileges and execute arbitrary code remotely. The post Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities Read More »

Why Attackers Are Bypassing Phishing Emails and Targeting Identity Instead

Emerging Threats, Threat Intelligence, Vulnerabilities / SecurityTicks

Why Attackers Are Bypassing Phishing Emails and Targeting Identity Instead 2026-04-13 at 17:31 By Jamie Mamroe One of the fastest growing initial access techniques we are seeing right now is Okta vishing: voice-based social engineering designed to compromise the identity provider rather than the inbox. This article is an excerpt from LevelBlue SpiderLabs Blog View

Why Attackers Are Bypassing Phishing Emails and Targeting Identity Instead Read More »

Adobe Patches Reader Zero-Day Exploited for Months

acrobat, Adobe, Adobe Reader, exploited, Featured, reader, Vulnerabilities, Zero-Day / SecurityTicks

Adobe Patches Reader Zero-Day Exploited for Months 2026-04-12 at 10:57 By Eduard Kovacs The vulnerability is tracked as CVE-2026-34621 and Adobe has confirmed that it can be exploited for arbitrary code execution. The post Adobe Patches Reader Zero-Day Exploited for Months appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Adobe Patches Reader Zero-Day Exploited for Months Read More »

Juniper Networks Patches Dozens of Junos OS Vulnerabilities

Juniper Networks, patches, Vulnerabilities, vulnerability / SecurityTicks

Juniper Networks Patches Dozens of Junos OS Vulnerabilities 2026-04-10 at 17:22 By Ionut Arghire A critical-severity flaw could be exploited remotely, without authentication, to take over a vulnerable device. The post Juniper Networks Patches Dozens of Junos OS Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Juniper Networks Patches Dozens of Junos OS Vulnerabilities Read More »

Orthanc DICOM Vulnerabilities Lead to Crashes, RCE

DICOM, medical, Orthanc, Vulnerabilities, vulnerability / SecurityTicks

Orthanc DICOM Vulnerabilities Lead to Crashes, RCE 2026-04-10 at 15:05 By Ionut Arghire Attackers could exploit these vulnerabilities in denial-of-service, information disclosure, and arbitrary code execution attacks. The post Orthanc DICOM Vulnerabilities Lead to Crashes, RCE appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Orthanc DICOM Vulnerabilities Lead to Crashes, RCE Read More »