vulnerability

Unpatched ScreenConnect servers open to attack (CVE-2026-3564)

ConnectWise, Don't miss, Hot stuff, MSP, News, remote management, vulnerability /

Unpatched ScreenConnect servers open to attack (CVE-2026-3564) 2026-03-20 at 11:44 By Zeljka Zorz ConnectWise has patched a critical vulnerability (CVE-2026-3564) that could enable attackers to hijack ScreenConnect sessions by abusing ASP.NET machine keys to forge trusted authentication. About CVE-2026-3564 The ScreenConnect remote access platform is popular with managed service providers, IT departments, and technology solution […]

Unpatched ScreenConnect servers open to attack (CVE-2026-3564) Read More »

The Week in Vulnerabilities: Juniper, Cisco SD-WAN, and Critical ICS Exposure

cyber news, vulnerability, vulnerability management /

The Week in Vulnerabilities: Juniper, Cisco SD-WAN, and Critical ICS Exposure 2026-03-20 at 11:15 By Ashish Khaitan Cyble Research & Intelligence Labs (CRIL) tracked 1,641 vulnerabilities between March 04 and March 10, 2026. Of these, 175 vulnerabilities already have publicly available Proof-of-Concept (PoC) exploits, significantly increasing the likelihood of real-world attacks.  A total of 200 vulnerabilities were rated critical under CVSS v3.1, while 61

The Week in Vulnerabilities: Juniper, Cisco SD-WAN, and Critical ICS Exposure Read More »

Critical Langflow Vulnerability Exploited Hours After Public Disclosure

AI, Artificial Intelligence, exploited, Langflow, Vulnerabilities, vulnerability /

Critical Langflow Vulnerability Exploited Hours After Public Disclosure 2026-03-20 at 10:42 By Ionut Arghire Because attacker-supplied flow data is used in public flows, the bug leads to unauthenticated remote code execution. The post Critical Langflow Vulnerability Exploited Hours After Public Disclosure appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical Langflow Vulnerability Exploited Hours After Public Disclosure Read More »

Critical ScreenConnect Vulnerability Exposes Machine Keys

ConnectWise, ScreenConnect, Vulnerabilities, vulnerability /

Critical ScreenConnect Vulnerability Exposes Machine Keys 2026-03-19 at 22:27 By Ionut Arghire Latest ScreenConnect version adds encrypted storage and management to prevent unauthorized access to machine keys. The post Critical ScreenConnect Vulnerability Exposes Machine Keys appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical ScreenConnect Vulnerability Exposes Machine Keys Read More »

Russian APT Exploits Zimbra Vulnerability Against Ukraine

CISA KEV, exploited, Malware & Threats, phishing, Vulnerabilities, vulnerability, Zimbra /

Russian APT Exploits Zimbra Vulnerability Against Ukraine 2026-03-19 at 16:53 By Ionut Arghire Insufficient sanitization of CSS content within HTML emails leads to inline script execution when the message is opened in a browser. The post Russian APT Exploits Zimbra Vulnerability Against Ukraine appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Russian APT Exploits Zimbra Vulnerability Against Ukraine Read More »

CISA warns of active exploitation of Microsoft SharePoint vulnerability (CVE-2026-20963)

CISA, Don't miss, Hot stuff, Microsoft, News, SharePoint, vulnerability /

CISA warns of active exploitation of Microsoft SharePoint vulnerability (CVE-2026-20963) 2026-03-19 at 13:32 By Zeljka Zorz CVE-2026-20963, a remote code execution (RCE) SharePoint vulnerability Microsoft fixed in January 2026, is being exploited by attackers. The confirmation comes from the US Cybersecurity and Infrastructure Security Agency (CISA), which added the flaw to its Known Exploited Vulnerabilities

CISA warns of active exploitation of Microsoft SharePoint vulnerability (CVE-2026-20963) Read More »

CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability

CISA KEV, exploited, SharePoint, Vulnerabilities, vulnerability /

CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability 2026-03-19 at 12:02 By Eduard Kovacs The SharePoint remote code execution vulnerability CVE-2026-20963, which Microsoft patched in January, has been exploited in the wild. The post CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability Read More »

Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks

Cisco, exploited, Featured, firewall, InterLock, Ransomware, Vulnerabilities, vulnerability /

Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks 2026-03-19 at 11:01 By Eduard Kovacs Amazon found evidence that the FMC software vulnerability has been exploited since late January, and found links to Russia. The post Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks appeared first on SecurityWeek. This article is an

Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks Read More »

Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch

controversy, disputed, Featured, Privacy, View Once, Vulnerabilities, vulnerability, WhatsApp /

Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch 2026-03-18 at 12:47 By Eduard Kovacs Meta does not plan on fixing the vulnerability because it involves the use of a modified client application. The post Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch appeared first on SecurityWeek. This article is an excerpt

Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won’t Patch Read More »

UK Companies House Exposed Details of Millions of Firms 

Companies House, Government, UK, vulnerability /

UK Companies House Exposed Details of Millions of Firms  2026-03-17 at 17:45 By Eduard Kovacs The government agency confirmed the vulnerability could have been exploited to obtain company details and alter records.   The post UK Companies House Exposed Details of Millions of Firms  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

UK Companies House Exposed Details of Millions of Firms  Read More »

CISA Flags Year-Old Wing FTP Vulnerability as Exploited

CISA KEV, exploited, Vulnerabilities, vulnerability, Wing FTP server /

CISA Flags Year-Old Wing FTP Vulnerability as Exploited 2026-03-17 at 13:35 By Ionut Arghire Tracked as CVE-2025-47813, the flaw leads to the disclosure of the full local installation path of the application. The post CISA Flags Year-Old Wing FTP Vulnerability as Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

CISA Flags Year-Old Wing FTP Vulnerability as Exploited Read More »

Millions of UK firms on alert after Companies House data exposure

EU, Government, News, UK, vulnerability /

Millions of UK firms on alert after Companies House data exposure 2026-03-17 at 12:21 By Sinisa Markovic Companies House, the UK’s official company registry, said its WebFiling service is back online after being shut down on Friday to fix a security issue that may have exposed the personal data of millions of firms. An investigation

Millions of UK firms on alert after Companies House data exposure Read More »

Critical HPE AOS-CX Vulnerability Allows Admin Password Resets

Aruba, HPE, password, Switch, Vulnerabilities, vulnerability /

Critical HPE AOS-CX Vulnerability Allows Admin Password Resets 2026-03-14 at 13:02 By Ionut Arghire The vulnerability can be exploited remotely, without authentication, to circumvent existing authentication controls. The post Critical HPE AOS-CX Vulnerability Allows Admin Password Resets appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical HPE AOS-CX Vulnerability Allows Admin Password Resets Read More »

Chrome 146 Update Patches Two Exploited Zero-Days

Chrome, exploited, Featured, Vulnerabilities, vulnerability, Zero-Day /

Chrome 146 Update Patches Two Exploited Zero-Days 2026-03-13 at 09:50 By Ionut Arghire The flaws can be exploited to manipulate data and bypass security restrictions, potentially leading to code execution. The post Chrome 146 Update Patches Two Exploited Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Chrome 146 Update Patches Two Exploited Zero-Days Read More »

Cisco Patches High-Severity IOS XR Vulnerabilities

Cisco, Vulnerabilities, vulnerability /

Cisco Patches High-Severity IOS XR Vulnerabilities 2026-03-12 at 15:45 By Ionut Arghire The security defects could lead to denial-of-service (DoS) conditions, command execution, or device takeover. The post Cisco Patches High-Severity IOS XR Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Cisco Patches High-Severity IOS XR Vulnerabilities Read More »

Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks

Ally, plugin, plugin vulnerability, Vulnerabilities, vulnerability, WordPress /

Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks 2026-03-12 at 14:43 By Ionut Arghire The issue allows attackers to inject SQL queries and extract sensitive information from the database. The post Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks Read More »

Splunk, Zoom Patch Severe Vulnerabilities

patch, Splunk, Vulnerabilities, vulnerability, Zoom /

Splunk, Zoom Patch Severe Vulnerabilities 2026-03-12 at 14:06 By Ionut Arghire Critical- and high-severity flaws could be exploited to execute arbitrary shell commands or elevate privileges. The post Splunk, Zoom Patch Severe Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Splunk, Zoom Patch Severe Vulnerabilities Read More »

Microsoft patches 80+ vulnerabilities, six flagged as “more likely” to be exploited

Don't miss, Hot stuff, Immersive, Microsoft, MS Office, MS SQL Server, NCSC-NL, News, Outlook, Rapid7, security update, Trend Micro, vulnerability, Windows /

Microsoft patches 80+ vulnerabilities, six flagged as “more likely” to be exploited 2026-03-11 at 12:31 By Zeljka Zorz On March 2026 Patch Tuesday, Microsoft addressed 80+ vulnerabilities affecting its software and cloud services. Of these, two were publicly disclosed, but not actively exploited. Privilege escalation vulnerabilities abound The two publicly disclosed flaws are CVE-2026-21262, a

Microsoft patches 80+ vulnerabilities, six flagged as “more likely” to be exploited Read More »

Microsoft Patches 83 Vulnerabilities

Featured, Microsoft, Patch Tuesday, Vulnerabilities, vulnerability /

Microsoft Patches 83 Vulnerabilities 2026-03-10 at 21:12 By Ionut Arghire Microsoft has fixed a critical vulnerability, but none of the flaws fixed this Patch Tuesday has been exploited in the wild. The post Microsoft Patches 83 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches 83 Vulnerabilities Read More »

Adobe Patches 80 Vulnerabilities Across Eight Products

Adobe, patch, Patch Tuesday, Vulnerabilities, vulnerability /

Adobe Patches 80 Vulnerabilities Across Eight Products 2026-03-10 at 20:22 By Ionut Arghire Adobe has rolled out patches for 80 vulnerabilities across 8 products, including Commerce, Illustrator, Acrobat Reader, and Premiere Pro. The post Adobe Patches 80 Vulnerabilities Across Eight Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Adobe Patches 80 Vulnerabilities Across Eight Products Read More »

Scroll to Top