vulnerability

Microsoft Patches 200 Vulnerabilities

Microsoft Patches 200 Vulnerabilities 2026-06-09 at 22:39 By Eduard Kovacs Three of the vulnerabilities fixed with the latest Patch Tuesday updates were publicly disclosed before Microsoft addressed them. The post Microsoft Patches 200 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches 200 Vulnerabilities Read More »

OpenSSL Patches High-Severity Vulnerability Found With AI

OpenSSL Patches High-Severity Vulnerability Found With AI 2026-06-09 at 20:08 By Eduard Kovacs A total of 18 vulnerabilities have been patched in the latest OpenSSL releases, including many that were potentially discovered by AI. The post OpenSSL Patches High-Severity Vulnerability Found With AI appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

OpenSSL Patches High-Severity Vulnerability Found With AI Read More »

Claude Mythos Turns N-Days Into N-Hours With Rapid Exploit Creation

Claude Mythos Turns N-Days Into N-Hours With Rapid Exploit Creation 2026-06-09 at 18:18 By Ionut Arghire Public LLM models with safeguards turned off can also build working exploits, increasing patch gap risks. The post Claude Mythos Turns N-Days Into N-Hours With Rapid Exploit Creation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Claude Mythos Turns N-Days Into N-Hours With Rapid Exploit Creation Read More »

LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)

LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271) 2026-06-09 at 15:21 By Zeljka Zorz A command injection vulnerability (CVE-2026-42271) in BerryAI’s LiteLLM open-source AI gateway is being exploited by attackers, the US Cybersecurity and Infrastructure Security Agency (CISA) confirmed by adding the flaw to its Known Exploited Vulnerabilities catalog on Monday. About CVE-2026-42271 LiteLLM is

LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271) Read More »

SAP Patches Critical NetWeaver, Commerce Vulnerabilities

SAP Patches Critical NetWeaver, Commerce Vulnerabilities 2026-06-09 at 15:21 By Ionut Arghire The flaws could lead to the disclosure of sensitive information, memory corruption, and disruption of normal system usage. The post SAP Patches Critical NetWeaver, Commerce Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

SAP Patches Critical NetWeaver, Commerce Vulnerabilities Read More »

Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751)

Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751) 2026-06-08 at 16:16 By Zeljka Zorz A Qilin ransomware affiliate is believed to be exploiting CVE-2026-50751, an authentication bypass vulnerability in Check Point VPN Remote Access and Mobile Access, the company announced on Monday. About CVE-2026-50751 Check Point Remote Access VPN enables and secures connections between

Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751) Read More »

Everest Forms Vulnerability Exploited to Hack WordPress Sites

Everest Forms Vulnerability Exploited to Hack WordPress Sites 2026-06-08 at 16:16 By Ionut Arghire The flaw allows attackers to execute arbitrary code remotely and has been exploited in the wild for two months. The post Everest Forms Vulnerability Exploited to Hack WordPress Sites appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Everest Forms Vulnerability Exploited to Hack WordPress Sites Read More »

CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318)

CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318) 2026-06-08 at 14:07 By Zeljka Zorz A vulnerability (CVE-2026-28318) that can be exploited to crash SolarWinds Serv-U file transfer servers is being leveraged by attackers in the wild, the US Cybersecurity and Infrastructure Security Agency (CISA) confirmed on Friday. The agency has ordered US federal civilian

CISA: Patch actively exploited SolarWinds Serv-U DoS vulnerability (CVE-2026-28318) Read More »

SolarWinds Serv-U Vulnerability Exploited in the Wild

SolarWinds Serv-U Vulnerability Exploited in the Wild 2026-06-08 at 13:09 By Ionut Arghire Unauthenticated attackers can exploit the flaw via specially crafted POST requests that crash the Serv-U service. The post SolarWinds Serv-U Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

SolarWinds Serv-U Vulnerability Exploited in the Wild Read More »

Emphere Raises $2.1 Million for AI-Powered Vulnerability Remediation

Emphere Raises $2.1 Million for AI-Powered Vulnerability Remediation 2026-06-07 at 18:57 By Ionut Arghire Emphere’s solution delivers AI-driven remediation to software companies to speed up releases. The post Emphere Raises $2.1 Million for AI-Powered Vulnerability Remediation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Emphere Raises $2.1 Million for AI-Powered Vulnerability Remediation Read More »

Gemini Voice Assistant Hijacked via Messaging Notifications

Gemini Voice Assistant Hijacked via Messaging Notifications 2026-06-04 at 16:06 By Eduard Kovacs Attackers could have triggered dangerous actions, including controlling smart home devices via Google Home and starting Zoom video calls. The post Gemini Voice Assistant Hijacked via Messaging Notifications appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Gemini Voice Assistant Hijacked via Messaging Notifications Read More »

Mirasvit Vulnerability Exploited to Execute Code on Magento Servers

Mirasvit Vulnerability Exploited to Execute Code on Magento Servers 2026-06-04 at 16:06 By Ionut Arghire A flaw in the Full Page Cache Warmer extension can be exploited without authentication via serialized PHP object payloads. The post Mirasvit Vulnerability Exploited to Execute Code on Magento Servers appeared first on SecurityWeek. This article is an excerpt from

Mirasvit Vulnerability Exploited to Execute Code on Magento Servers Read More »

Cisco Warns of Available PoC for Critical Unified CM Vulnerability

Cisco Warns of Available PoC for Critical Unified CM Vulnerability 2026-06-04 at 13:16 By Ionut Arghire The high-severity flaw can be exploited remotely, without authentication, in server-side request forgery (SSRF) attacks. The post Cisco Warns of Available PoC for Critical Unified CM Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Cisco Warns of Available PoC for Critical Unified CM Vulnerability Read More »

VS Code Vulnerability Allows One-Click GitHub Token Theft

VS Code Vulnerability Allows One-Click GitHub Token Theft 2026-06-04 at 13:16 By Eduard Kovacs A researcher has disclosed the full details of the vulnerability and released a PoC without notifying Microsoft in advance. The post VS Code Vulnerability Allows One-Click GitHub Token Theft appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

VS Code Vulnerability Allows One-Click GitHub Token Theft Read More »

‘HTTP/2 Bomb’ Exploit Knocks Web Servers Offline in Seconds

‘HTTP/2 Bomb’ Exploit Knocks Web Servers Offline in Seconds 2026-06-03 at 13:52 By Ionut Arghire The default HTTP/2 configuration of major web servers is vulnerable to an attack chain combining a compression bomb and a Slowloris-style hold. The post ‘HTTP/2 Bomb’ Exploit Knocks Web Servers Offline in Seconds appeared first on SecurityWeek. This article is

‘HTTP/2 Bomb’ Exploit Knocks Web Servers Offline in Seconds Read More »

Exclusive: How One Line of Code Put Billions of Microsoft Android App Downloads at Risk

Exclusive: How One Line of Code Put Billions of Microsoft Android App Downloads at Risk 2026-06-02 at 18:01 By Kevin Townsend A simple development setting bypassed protections designed to prevent unauthorized Android apps from accessing Microsoft account tokens, exposing billions of installations. The post Exclusive: How One Line of Code Put Billions of Microsoft Android

Exclusive: How One Line of Code Put Billions of Microsoft Android App Downloads at Risk Read More »

Scroll to Top