vulnerability

Russian APT Exploits Zimbra Vulnerability Against Ukraine

Russian APT Exploits Zimbra Vulnerability Against Ukraine 2026-03-19 at 16:53 By Ionut Arghire Insufficient sanitization of CSS content within HTML emails leads to inline script execution when the message is opened in a browser. The post Russian APT Exploits Zimbra Vulnerability Against Ukraine appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View […]

Russian APT Exploits Zimbra Vulnerability Against Ukraine Read More »

CISA warns of active exploitation of Microsoft SharePoint vulnerability (CVE-2026-20963)

CISA warns of active exploitation of Microsoft SharePoint vulnerability (CVE-2026-20963) 2026-03-19 at 13:32 By Zeljka Zorz CVE-2026-20963, a remote code execution (RCE) SharePoint vulnerability Microsoft fixed in January 2026, is being exploited by attackers. The confirmation comes from the US Cybersecurity and Infrastructure Security Agency (CISA), which added the flaw to its Known Exploited Vulnerabilities

CISA warns of active exploitation of Microsoft SharePoint vulnerability (CVE-2026-20963) Read More »

CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability

CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability 2026-03-19 at 12:02 By Eduard Kovacs The SharePoint remote code execution vulnerability CVE-2026-20963, which Microsoft patched in January, has been exploited in the wild. The post CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability Read More »

Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks

Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks 2026-03-19 at 11:01 By Eduard Kovacs Amazon found evidence that the FMC software vulnerability has been exploited since late January, and found links to Russia. The post Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks appeared first on SecurityWeek. This article is an

Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks Read More »

Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch

Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch 2026-03-18 at 12:47 By Eduard Kovacs Meta does not plan on fixing the vulnerability because it involves the use of a modified client application. The post Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch appeared first on SecurityWeek. This article is an excerpt

Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch Read More »

UK Companies House Exposed Details of Millions of Firms 

UK Companies House Exposed Details of Millions of Firms  2026-03-17 at 17:45 By Eduard Kovacs The government agency confirmed the vulnerability could have been exploited to obtain company details and alter records.   The post UK Companies House Exposed Details of Millions of Firms  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

UK Companies House Exposed Details of Millions of Firms  Read More »

CISA Flags Year-Old Wing FTP Vulnerability as Exploited

CISA Flags Year-Old Wing FTP Vulnerability as Exploited 2026-03-17 at 13:35 By Ionut Arghire Tracked as CVE-2025-47813, the flaw leads to the disclosure of the full local installation path of the application. The post CISA Flags Year-Old Wing FTP Vulnerability as Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

CISA Flags Year-Old Wing FTP Vulnerability as Exploited Read More »

Millions of UK firms on alert after Companies House data exposure

Millions of UK firms on alert after Companies House data exposure 2026-03-17 at 12:21 By Sinisa Markovic Companies House, the UK’s official company registry, said its WebFiling service is back online after being shut down on Friday to fix a security issue that may have exposed the personal data of millions of firms. An investigation

Millions of UK firms on alert after Companies House data exposure Read More »

Critical HPE AOS-CX Vulnerability Allows Admin Password Resets

Critical HPE AOS-CX Vulnerability Allows Admin Password Resets 2026-03-14 at 13:02 By Ionut Arghire The vulnerability can be exploited remotely, without authentication, to circumvent existing authentication controls. The post Critical HPE AOS-CX Vulnerability Allows Admin Password Resets appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical HPE AOS-CX Vulnerability Allows Admin Password Resets Read More »

Chrome 146 Update Patches Two Exploited Zero-Days

Chrome 146 Update Patches Two Exploited Zero-Days 2026-03-13 at 09:50 By Ionut Arghire The flaws can be exploited to manipulate data and bypass security restrictions, potentially leading to code execution. The post Chrome 146 Update Patches Two Exploited Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Chrome 146 Update Patches Two Exploited Zero-Days Read More »

Cisco Patches High-Severity IOS XR Vulnerabilities

Cisco Patches High-Severity IOS XR Vulnerabilities 2026-03-12 at 15:45 By Ionut Arghire The security defects could lead to denial-of-service (DoS) conditions, command execution, or device takeover. The post Cisco Patches High-Severity IOS XR Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Cisco Patches High-Severity IOS XR Vulnerabilities Read More »

Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks

Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks 2026-03-12 at 14:43 By Ionut Arghire The issue allows attackers to inject SQL queries and extract sensitive information from the database. The post Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks Read More »

Splunk, Zoom Patch Severe Vulnerabilities

Splunk, Zoom Patch Severe Vulnerabilities 2026-03-12 at 14:06 By Ionut Arghire Critical- and high-severity flaws could be exploited to execute arbitrary shell commands or elevate privileges. The post Splunk, Zoom Patch Severe Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Splunk, Zoom Patch Severe Vulnerabilities Read More »

Microsoft patches 80+ vulnerabilities, six flagged as “more likely” to be exploited

Microsoft patches 80+ vulnerabilities, six flagged as “more likely” to be exploited 2026-03-11 at 12:31 By Zeljka Zorz On March 2026 Patch Tuesday, Microsoft addressed 80+ vulnerabilities affecting its software and cloud services. Of these, two were publicly disclosed, but not actively exploited. Privilege escalation vulnerabilities abound The two publicly disclosed flaws are CVE-2026-21262, a

Microsoft patches 80+ vulnerabilities, six flagged as “more likely” to be exploited Read More »

Microsoft Patches 83 Vulnerabilities

Microsoft Patches 83 Vulnerabilities 2026-03-10 at 21:12 By Ionut Arghire Microsoft has fixed a critical vulnerability, but none of the flaws fixed this Patch Tuesday has been exploited in the wild. The post Microsoft Patches 83 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches 83 Vulnerabilities Read More »

Adobe Patches 80 Vulnerabilities Across Eight Products

Adobe Patches 80 Vulnerabilities Across Eight Products 2026-03-10 at 20:22 By Ionut Arghire Adobe has rolled out patches for 80 vulnerabilities across 8 products, including Commerce, Illustrator, Acrobat Reader, and Premiere Pro. The post Adobe Patches 80 Vulnerabilities Across Eight Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Adobe Patches 80 Vulnerabilities Across Eight Products Read More »

SAP Patches Critical FS-QUO, NetWeaver Vulnerabilities

SAP Patches Critical FS-QUO, NetWeaver Vulnerabilities 2026-03-10 at 16:33 By Ionut Arghire A code injection bug in FS-QUO and an insecure deserialization flaw in NetWeaver could lead to arbitrary code execution. The post SAP Patches Critical FS-QUO, NetWeaver Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

SAP Patches Critical FS-QUO, NetWeaver Vulnerabilities Read More »

OpenAI Rolls Out Codex Security Vulnerability Scanner

OpenAI Rolls Out Codex Security Vulnerability Scanner 2026-03-10 at 16:33 By Eduard Kovacs Codex Security, formerly Aardvark⁠, has found hundreds of critical vulnerabilities in tested software in the past month. The post OpenAI Rolls Out Codex Security Vulnerability Scanner appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

OpenAI Rolls Out Codex Security Vulnerability Scanner Read More »

Recent Ivanti Endpoint Manager Flaw Exploited in Attacks

Recent Ivanti Endpoint Manager Flaw Exploited in Attacks 2026-03-10 at 15:06 By Ionut Arghire CISA has added the high-severity authentication bypass vulnerability to its KEV list, along with SolarWinds and Workspace One bugs. The post Recent Ivanti Endpoint Manager Flaw Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Recent Ivanti Endpoint Manager Flaw Exploited in Attacks Read More »

CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List

CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List 2026-03-06 at 15:38 By Ionut Arghire The nation-state-grade iOS exploit kit targets 23 vulnerabilities affecting iOS 13 to 17.2.1. The post CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List Read More »

Scroll to Top