vulnerability

Hackers Targeting Cisco Unified CM Zero-Day 

Hackers Targeting Cisco Unified CM Zero-Day  2026-01-22 at 11:07 By Eduard Kovacs Cisco has released patches for CVE-2026-20045, a critical vulnerability that can be exploited for unauthenticated remote code execution. The post Hackers Targeting Cisco Unified CM Zero-Day  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Hackers Targeting Cisco Unified CM Zero-Day  Read More »

Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718?

Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718? 2026-01-21 at 22:22 By Zeljka Zorz CVE-2025-59718, a critical authentication bypass flaw that attackers exploited in December 2025 to compromise FortiGate appliances, appears to persist in newer, purportedly fixed releases of the underlying FortiOS. According to Fortinet, CVE-2025-59718 had been fixed in FortiOS versions 7.6.4 or

Fully patched FortiGate firewalls are getting compromised via CVE-2025-59718? Read More »

RCE flaw in Cisco enterprise communications products probed by attackers (CVE-2026-20045)

RCE flaw in Cisco enterprise communications products probed by attackers (CVE-2026-20045) 2026-01-21 at 20:57 By Zeljka Zorz Cisco has fixed a critical remote code execution vulnerability (CVE-2026-20045) in some of its unified communications solutions that’s being targeted by attackers in the wild, the company announced on Wednesday via a security advisory. About CVE-2026-20045 CVE-2026-20045 is

RCE flaw in Cisco enterprise communications products probed by attackers (CVE-2026-20045) Read More »

Anthropic MCP Server Flaws Lead to Code Execution, Data Exposure

Anthropic MCP Server Flaws Lead to Code Execution, Data Exposure 2026-01-21 at 13:46 By Ionut Arghire Impacting Anthropic’s official MCP server, the vulnerabilities can be exploited through prompt injections. The post Anthropic MCP Server Flaws Lead to Code Execution, Data Exposure appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Anthropic MCP Server Flaws Lead to Code Execution, Data Exposure Read More »

Oracle’s First 2026 CPU Delivers 337 New Security Patches

Oracle’s First 2026 CPU Delivers 337 New Security Patches 2026-01-21 at 12:53 By Ionut Arghire Oracle’s January 2026 CPU resolves roughly 230 unique vulnerabilities across more than 30 products. The post Oracle’s First 2026 CPU Delivers 337 New Security Patches appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Oracle’s First 2026 CPU Delivers 337 New Security Patches Read More »

Chainlit Vulnerabilities May Leak Sensitive Information

Chainlit Vulnerabilities May Leak Sensitive Information 2026-01-20 at 17:01 By Ionut Arghire The two bugs, an arbitrary file read and an SSRF bug, can be exploited without user interaction to leak credentials, databases, and other data. The post Chainlit Vulnerabilities May Leak Sensitive Information appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Chainlit Vulnerabilities May Leak Sensitive Information Read More »

TP-Link Patches Vulnerability Exposing VIGI Cameras to Remote Hacking

TP-Link Patches Vulnerability Exposing VIGI Cameras to Remote Hacking 2026-01-19 at 17:21 By Eduard Kovacs The researcher who discovered the vulnerability saw more than 2,500 internet-exposed devices. The post TP-Link Patches Vulnerability Exposing VIGI Cameras to Remote Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

TP-Link Patches Vulnerability Exposing VIGI Cameras to Remote Hacking Read More »

New StackWarp Attack Threatens Confidential VMs on AMD Processors

New StackWarp Attack Threatens Confidential VMs on AMD Processors 2026-01-15 at 20:27 By Eduard Kovacs Researchers have disclosed technical details on a new AMD processor attack that allows remote code execution inside confidential VMs. The post New StackWarp Attack Threatens Confidential VMs on AMD Processors appeared first on SecurityWeek. This article is an excerpt from

New StackWarp Attack Threatens Confidential VMs on AMD Processors Read More »

PoC exploit for critical FortiSIEM vulnerability released (CVE-2025-64155)

PoC exploit for critical FortiSIEM vulnerability released (CVE-2025-64155) 2026-01-15 at 15:27 By Zeljka Zorz A critical vulnerability (CVE-2025-64155) in Fortinet’s FortiSIEM security platform has now been accompanied by publicly released proof-of-concept (PoC) exploit code, raising the urgency for organizations to patch immediately. About CVE-2025-64155 CVE-2025-64155 may allow unauthenticated, remote attackers to execute unauthorized code or

PoC exploit for critical FortiSIEM vulnerability released (CVE-2025-64155) Read More »

ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Aveva, Phoenix Contact

ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Aveva, Phoenix Contact 2026-01-15 at 11:34 By Eduard Kovacs Only a dozen new advisories have been published this Patch Tuesday by industrial giants.  The post ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Aveva, Phoenix Contact appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Aveva, Phoenix Contact Read More »

Fortinet Patches Critical Vulnerabilities in FortiFone, FortiSIEM

Fortinet Patches Critical Vulnerabilities in FortiFone, FortiSIEM 2026-01-14 at 11:56 By Ionut Arghire Exploitable without authentication, the two security defects could lead to configuration leak and code execution. The post Fortinet Patches Critical Vulnerabilities in FortiFone, FortiSIEM appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fortinet Patches Critical Vulnerabilities in FortiFone, FortiSIEM Read More »

Chrome 144, Firefox 147 Patch High-Severity Vulnerabilities

Chrome 144, Firefox 147 Patch High-Severity Vulnerabilities 2026-01-14 at 11:50 By Ionut Arghire The two browser updates resolve 26 security defects, including bugs that could be exploited for code execution. The post Chrome 144, Firefox 147 Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Chrome 144, Firefox 147 Patch High-Severity Vulnerabilities Read More »

Adobe Patches Critical Apache Tika Bug in ColdFusion

Adobe Patches Critical Apache Tika Bug in ColdFusion 2026-01-13 at 22:09 By Ionut Arghire Adobe has released patches for 25 vulnerabilities across its products, including a critical Apache Tika flaw in ColdFusion. The post Adobe Patches Critical Apache Tika Bug in ColdFusion appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Adobe Patches Critical Apache Tika Bug in ColdFusion Read More »

Microsoft Patches Exploited Windows Zero-Day, 111 Other Vulnerabilities

Microsoft Patches Exploited Windows Zero-Day, 111 Other Vulnerabilities 2026-01-13 at 21:52 By Eduard Kovacs Two vulnerabilities patched this month by Microsoft were disclosed publicly before fixes were released. The post Microsoft Patches Exploited Windows Zero-Day, 111 Other Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches Exploited Windows Zero-Day, 111 Other Vulnerabilities Read More »

Broadcom Wi-Fi Chipset Flaw Allows Hackers to Disrupt Networks

Broadcom Wi-Fi Chipset Flaw Allows Hackers to Disrupt Networks 2026-01-13 at 17:45 By Eduard Kovacs The vulnerability was discovered in Asus routers, but all devices using the affected chipset are susceptible to attacks.  The post Broadcom Wi-Fi Chipset Flaw Allows Hackers to Disrupt Networks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Broadcom Wi-Fi Chipset Flaw Allows Hackers to Disrupt Networks Read More »

Instagram Fixes Password Reset Vulnerability Amid User Data Leak

Instagram Fixes Password Reset Vulnerability Amid User Data Leak 2026-01-12 at 16:35 By Ionut Arghire The social media platform confirmed that the issue allowed third parties to send password reset emails to Instagram users. The post Instagram Fixes Password Reset Vulnerability Amid User Data Leak appeared first on SecurityWeek. This article is an excerpt from

Instagram Fixes Password Reset Vulnerability Amid User Data Leak Read More »

Trend Micro Patches Critical Code Execution Flaw in Apex Central

Trend Micro Patches Critical Code Execution Flaw in Apex Central 2026-01-09 at 16:04 By Eduard Kovacs Tenable has released PoC code and technical details after the vendor announced the availability of patches for three vulnerabilities. The post Trend Micro Patches Critical Code Execution Flaw in Apex Central appeared first on SecurityWeek. This article is an

Trend Micro Patches Critical Code Execution Flaw in Apex Central Read More »

CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over

CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over 2026-01-09 at 15:44 By Ionut Arghire The Emergency Directives were retired because they achieved objectives or targeted vulnerabilities included in the KEV catalog. The post CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over appeared first on SecurityWeek. This article is an excerpt from

CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over Read More »

The Week in Vulnerabilities: 2026 Starts with 100 PoCs and New Exploits 

The Week in Vulnerabilities: 2026 Starts with 100 PoCs and New Exploits  2026-01-09 at 13:39 By Ashish Khaitan Cyble Vulnerability Intelligence researchers tracked 678 vulnerabilities in the last week, a decline from the high volume of new vulnerabilities observed in the last few weeks of 2025.   Nearly 100 of the disclosed vulnerabilities already have a publicly available Proof-of-Concept (PoC), significantly increasing the likelihood of real-world attacks on those vulnerabilities.  A total of 42 vulnerabilities were rated as critical under

The Week in Vulnerabilities: 2026 Starts with 100 PoCs and New Exploits  Read More »

Recently fixed HPE OneView flaw is being exploited (CVE-2025-37164)

Recently fixed HPE OneView flaw is being exploited (CVE-2025-37164) 2026-01-08 at 16:43 By Zeljka Zorz An unauthenticated remote code execution vulnerability (CVE-2025-37164) affecting certain versions of HPE OneView is being leveraged by attackers, CISA confirmed by adding the flaw to its Known Exploited Vulnerabilities catalog. The vulnerability’s inclusion in the catalog is unsurprising, as technical

Recently fixed HPE OneView flaw is being exploited (CVE-2025-37164) Read More »

Scroll to Top