SAP Patches Critical FS-QUO, NetWeaver Vulnerabilities 2026-03-10 at 16:33 By Ionut Arghire A code injection bug in FS-QUO and an insecure deserialization flaw in NetWeaver could lead to arbitrary code execution. The post SAP Patches Critical FS-QUO, NetWeaver Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
SAP Patches Critical FS-QUO, NetWeaver Vulnerabilities Read More »
OpenAI Rolls Out Codex Security Vulnerability Scanner 2026-03-10 at 16:33 By Eduard Kovacs Codex Security, formerly Aardvark, has found hundreds of critical vulnerabilities in tested software in the past month. The post OpenAI Rolls Out Codex Security Vulnerability Scanner appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
OpenAI Rolls Out Codex Security Vulnerability Scanner Read More »
Recent Ivanti Endpoint Manager Flaw Exploited in Attacks 2026-03-10 at 15:06 By Ionut Arghire CISA has added the high-severity authentication bypass vulnerability to its KEV list, along with SolarWinds and Workspace One bugs. The post Recent Ivanti Endpoint Manager Flaw Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View
Recent Ivanti Endpoint Manager Flaw Exploited in Attacks Read More »
CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List 2026-03-06 at 15:38 By Ionut Arghire The nation-state-grade iOS exploit kit targets 23 vulnerabilities affecting iOS 13 to 17.2.1. The post CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View
CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List Read More »
Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises 2026-03-05 at 17:10 By Eduard Kovacs Less than half of the total zero-days have been attributed to a threat actor, but spyware vendors and China are in the lead. The post Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises appeared first on SecurityWeek.
Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises Read More »
Cisco warns of SD-WAN Manager exploitation, fixes 48 firewall vulnerabilities 2026-03-05 at 15:59 By Zeljka Zorz Cisco has confirmed that two Catalyst SD-WAN Manager vulnerabilities (CVE-2026-20128 and CVE-2026-20122) patched in late February 2025 are being exploited by attackers. The exploited vulnerabilities (CVE-2026-20128, CVE-2026-20122) CVE-2026-20128 is a bug in the Data Collection Agent (DCA) feature of
Cisco warns of SD-WAN Manager exploitation, fixes 48 firewall vulnerabilities Read More »
FreeScout vulnerability enables unauthenticated, zero-click RCE via email (CVE-2026-28289) 2026-03-05 at 14:27 By Zeljka Zorz A newly discovered vulnerability (CVE-2026-28289) in the open-source help desk platform FreeScout could allow attackers to take over vulnerable servers by sending a specially crafted email to a FreeScout mailbox. CVE-2026-28289 exploitation FreeScout is a free, open-source help desk and
Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild 2026-03-05 at 14:27 By Eduard Kovacs The networking giant has added the recently patched CVE-2026-20128 and CVE-2026-20122 to the list of exploited vulnerabilities. The post Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild appeared first on SecurityWeek. This article is an
Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild Read More »
Cisco Patches Critical Vulnerabilities in Enterprise Networking Products 2026-03-05 at 10:51 By Ionut Arghire Cisco has rolled out patches for 48 vulnerabilities in Firewall ASA, Secure FMC, and Secure FTD products. The post Cisco Patches Critical Vulnerabilities in Enterprise Networking Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Cisco Patches Critical Vulnerabilities in Enterprise Networking Products Read More »
The vulnerability that turns your AI agent against you 2026-03-04 at 16:08 By Help Net Security Zenity Labs disclosed PleaseFix, a family of critical vulnerabilities affecting agentic browsers, including Perplexity Comet, that allow attackers to hijack AI agents, access local files, and steal credentials within authenticated user sessions. The vulnerabilities can be triggered through malicious
The vulnerability that turns your AI agent against you Read More »
Over 1,200 IceWarp servers still vulnerable to unauthenticated RCE flaw (CVE-2025-14500) 2026-03-04 at 15:57 By Zeljka Zorz A critical RCE vulnerability (CVE-2025-14500) in IceWarp, an EU-made business communication and collaboration platform, may be exploited by attackers to gain unauthorized access to exposed unpatched servers. According to the Shadowserver Foundation, there are currently over 1,200 internet-facing
Over 1,200 IceWarp servers still vulnerable to unauthenticated RCE flaw (CVE-2025-14500) Read More »
VMware Aria Operations Vulnerability Exploited in the Wild 2026-03-04 at 09:28 By Eduard Kovacs The recently patched CVE-2026-22719 can be exploited by an unauthenticated attacker for remote code execution. The post VMware Aria Operations Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
VMware Aria Operations Vulnerability Exploited in the Wild Read More »
Coruna: Spy-grade iOS exploit kit powering financial crime 2026-03-03 at 21:02 By Zeljka Zorz A powerful iOS exploit kit has circulated among multiple threat actors over the past year, moving from a commercial surveillance operation to state-linked espionage campaigns and, ultimately, ended into the hands of financially motivated hackers, according to new research from Google’s
Coruna: Spy-grade iOS exploit kit powering financial crime Read More »
Honeywell, Researcher Clash Over Impact of Building Controller Vulnerability 2026-03-03 at 19:46 By Eduard Kovacs The researcher says he has identified thousands of internet-exposed IQ4 building management controllers. The post Honeywell, Researcher Clash Over Impact of Building Controller Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Honeywell, Researcher Clash Over Impact of Building Controller Vulnerability Read More »
Android Update Patches Exploited Qualcomm Zero-Day 2026-03-03 at 15:07 By Ionut Arghire An integer overflow or wraparound in the Qualcomm graphics component, the bug leads to memory corruption. The post Android Update Patches Exploited Qualcomm Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Android Update Patches Exploited Qualcomm Zero-Day Read More »
Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise 2026-03-03 at 13:58 By Ionut Arghire Improper input sanitization in the framework can be exploited through the Shell tool, allowing attackers to modify system files and steal data. The post Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise appeared first on SecurityWeek. This
Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise Read More »
Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant 2026-03-02 at 17:46 By Ionut Arghire Malicious extensions could hijack the Gemini Live in Chrome feature to spy on users and steal their files. The post Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original
Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant Read More »
OpenClaw Vulnerability Allowed Websites to Hijack AI Agents 2026-03-02 at 16:57 By Ionut Arghire Malicious websites could open a WebSocket connection to localhost on the OpenClaw gateway port, brute force passwords, and take control of the agent. The post OpenClaw Vulnerability Allowed Websites to Hijack AI Agents appeared first on SecurityWeek. This article is an
OpenClaw Vulnerability Allowed Websites to Hijack AI Agents Read More »
Juniper Networks PTX Routers Affected by Critical Vulnerability 2026-02-27 at 12:47 By Eduard Kovacs An out-of-band security update for Junos OS Evolved patches the remote code execution vulnerability CVE-2026-21902. The post Juniper Networks PTX Routers Affected by Critical Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Juniper Networks PTX Routers Affected by Critical Vulnerability Read More »
Critical Flaws Exposed Gardyn Smart Gardens to Remote Hacking 2026-02-27 at 10:17 By Eduard Kovacs CISA has released an advisory to warn about four vulnerabilities discovered by a researcher in Gardyn Home and Gardyn Studio. The post Critical Flaws Exposed Gardyn Smart Gardens to Remote Hacking appeared first on SecurityWeek. This article is an excerpt
Critical Flaws Exposed Gardyn Smart Gardens to Remote Hacking Read More »