vulnerability

F5 Patches Critical, High-Severity NGINX Vulnerabilities

F5 Patches Critical, High-Severity NGINX Vulnerabilities 2026-06-18 at 12:39 By Ionut Arghire Critical flaws in NGINX could allow remote, unauthenticated attackers to cause a restart and potentially execute arbitrary code. The post F5 Patches Critical, High-Severity NGINX Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

F5 Patches Critical, High-Severity NGINX Vulnerabilities Read More »

Rockwell Automation Patches Vulnerabilities in ICS Controllers and Software

Rockwell Automation Patches Vulnerabilities in ICS Controllers and Software 2026-06-17 at 14:32 By Eduard Kovacs The industrial automation giant has fixed security holes in Logix, CompactLogix, Flex, RSLinx, and FactoryTalk products. The post Rockwell Automation Patches Vulnerabilities in ICS Controllers and Software appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Rockwell Automation Patches Vulnerabilities in ICS Controllers and Software Read More »

Oracle’s Second Monthly Security Updates Deliver 245 Patches 

Oracle’s Second Monthly Security Updates Deliver 245 Patches  2026-06-17 at 12:04 By Eduard Kovacs Oracle has released its June 2026 Critical Security Patch Update to fix vulnerabilities in Communications, EBS, Enterprise Manager and other products. The post Oracle’s Second Monthly Security Updates Deliver 245 Patches  appeared first on SecurityWeek. This article is an excerpt from

Oracle’s Second Monthly Security Updates Deliver 245 Patches  Read More »

Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities

Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities 2026-06-17 at 11:21 By Ionut Arghire The browser updates address multiple memory safety bugs that could potentially lead to remote code execution. The post Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities Read More »

Joomla, LiteSpeed Vulnerabilities Exploited in Attacks

Joomla, LiteSpeed Vulnerabilities Exploited in Attacks 2026-06-17 at 10:28 By Ionut Arghire The flaws allow attackers to execute arbitrary PHP code and gain root privileges on shared hosting servers. The post Joomla, LiteSpeed Vulnerabilities Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Joomla, LiteSpeed Vulnerabilities Exploited in Attacks Read More »

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs 2026-06-17 at 09:53 By Eduard Kovacs SOCRadar has detected 30,000 compromised Fortinet firewalls that expose networks to hacking.  The post 3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs Read More »

Attackers are exploiting FortiSandbox vulnerabilities

Attackers are exploiting FortiSandbox vulnerabilities 2026-06-16 at 18:27 By Zeljka Zorz Attackers have been spotted exploiting three vulnerabilities (CVE-2026-39813, CVE-2026-39808, CVE-2026-25089) in FortiSandbox, a platform that other Fortinet security products depend on for threat verdicts to enforce blocking decisions and trigger automated responses. The warning came on Monday from threat intelligence company Defused, which said

Attackers are exploiting FortiSandbox vulnerabilities Read More »

SimpleHelp RMM flaw could give attackers full access to managed endpoints (CVE-2026-48558)

SimpleHelp RMM flaw could give attackers full access to managed endpoints (CVE-2026-48558) 2026-06-16 at 16:33 By Zeljka Zorz A critical vulnerability (CVE-2026-48558) in SimpleHelp, a popular remote monitoring and management (RMM) tool, can be exploited remotely by unauthenticated attackers to create a new “Technician” account and use it to remote into managed endpoints, execute scripts,

SimpleHelp RMM flaw could give attackers full access to managed endpoints (CVE-2026-48558) Read More »

Researchers release details, PoC for exploited Check Point VPN flaw (CVE-2026-50751)

Researchers release details, PoC for exploited Check Point VPN flaw (CVE-2026-50751) 2026-06-12 at 15:14 By Zeljka Zorz WatchTowr researchers have disclosed a technical analysis and a “Detection Artefact Generator” for CVE-2026-50751, an authentication bypass flaw in Check Point’s Remote Access VPN and Mobile Access, which the vendor confirmed to be actively exploited. The attacks were

Researchers release details, PoC for exploited Check Point VPN flaw (CVE-2026-50751) Read More »

Ivanti Sentry Exploitation Attempts Hitting Honeypots

Ivanti Sentry Exploitation Attempts Hitting Honeypots 2026-06-12 at 12:44 By Ionut Arghire The critical-severity OS command injection vulnerability allows attackers to execute arbitrary code with root privileges. The post Ivanti Sentry Exploitation Attempts Hitting Honeypots appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Ivanti Sentry Exploitation Attempts Hitting Honeypots Read More »

Chrome 149 Update Patches 28 Vulnerabilities

Chrome 149 Update Patches 28 Vulnerabilities 2026-06-12 at 12:27 By Ionut Arghire The browser refresh resolved critical and high-severity security defects, including a dozen use-after-free bugs. The post Chrome 149 Update Patches 28 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Chrome 149 Update Patches 28 Vulnerabilities Read More »

CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk

CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk 2026-06-11 at 16:01 By Ionut Arghire The new BOD 26-04 requires agencies to review and update vulnerability management policies with a focus on KEV catalog entries. The post CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk appeared first on SecurityWeek. This

CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk Read More »

Oracle PeopleSoft servers under attack, Oracle pushes out-of-band security alert

Oracle PeopleSoft servers under attack, Oracle pushes out-of-band security alert 2026-06-11 at 15:41 By Zeljka Zorz A zero-day vulnerability (CVE-2026-35273) in Oracle PeopleSoft PeopleTools is being exploited in the wild, Charles Carmakal, CTO at cybersecurity firm Mandiant, part of Google Cloud, warned today. The warning comes a day after Oracle published an out-of-band security alert

Oracle PeopleSoft servers under attack, Oracle pushes out-of-band security alert Read More »

Hackers Exploit Langflow Vulnerability for Remote Code Execution

Hackers Exploit Langflow Vulnerability for Remote Code Execution 2026-06-11 at 14:52 By Ionut Arghire Disclosed in March, the security defect enables unauthenticated attackers to write files to arbitrary locations on the system. The post Hackers Exploit Langflow Vulnerability for Remote Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Hackers Exploit Langflow Vulnerability for Remote Code Execution Read More »

Microsoft Patches Exploited Exchange Server Vulnerability

Microsoft Patches Exploited Exchange Server Vulnerability 2026-06-11 at 11:18 By Eduard Kovacs The company warned about zero-day attacks exploiting the Exchange Server vulnerability CVE-2026-42897 on May 14.  The post Microsoft Patches Exploited Exchange Server Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches Exploited Exchange Server Vulnerability Read More »

Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520)

Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520) 2026-06-10 at 17:24 By Zeljka Zorz Ivanti has patched two critical vulnerabilities (CVE-2026-10520 and CVE-2026-10523) in Ivanti Sentry and has urged customers to implement the fix right away. Though the vulnerabilities are not known to be actively exploited, security researchers have already released technical details

Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520) Read More »

Critical HVAC and UPS Vulnerabilities Could Let Hackers Disrupt Data Centers

Critical HVAC and UPS Vulnerabilities Could Let Hackers Disrupt Data Centers 2026-06-10 at 17:24 By Eduard Kovacs Claroty researchers have analyzed the security of Vertiv UPS network cards and the Trane Tracer SC+ HVAC controller. The post Critical HVAC and UPS Vulnerabilities Could Let Hackers Disrupt Data Centers appeared first on SecurityWeek. This article is

Critical HVAC and UPS Vulnerabilities Could Let Hackers Disrupt Data Centers Read More »

ServiceNow Patches Vulnerability Exploited Against Some Customers

ServiceNow Patches Vulnerability Exploited Against Some Customers 2026-06-10 at 14:22 By Eduard Kovacs The company updated hosted customer instances to patch a security issue it reportedly had known about since April 7. The post ServiceNow Patches Vulnerability Exploited Against Some Customers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

ServiceNow Patches Vulnerability Exploited Against Some Customers Read More »

Critical Vulnerabilities Patched in Fortinet, Ivanti Products

Critical Vulnerabilities Patched in Fortinet, Ivanti Products 2026-06-10 at 12:16 By Ionut Arghire Two OS command injection flaws can be exploited remotely, without authentication, for arbitrary code execution. The post Critical Vulnerabilities Patched in Fortinet, Ivanti Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical Vulnerabilities Patched in Fortinet, Ivanti Products Read More »

ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Phoenix Contact

ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Phoenix Contact 2026-06-10 at 10:42 By Eduard Kovacs In addition, Rockwell Automation announced some enhancements to its SecureOT cybersecurity solution for OT. The post ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Phoenix Contact appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

ICS Patch Tuesday: Vulnerabilities Fixed by Siemens, Schneider, Phoenix Contact Read More »

Scroll to Top