vulnerability

38 Vulnerabilities Found in OpenEMR Medical Software

38 Vulnerabilities Found in OpenEMR Medical Software 2026-04-29 at 12:54 By Eduard Kovacs Some of the vulnerabilities discovered by Aisle can be exploited to access and alter sensitive patient information. The post 38 Vulnerabilities Found in OpenEMR Medical Software appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

38 Vulnerabilities Found in OpenEMR Medical Software Read More »

Electric Motorcycles and Scooters Face Hacking Risks to Security and Rider Safety

Electric Motorcycles and Scooters Face Hacking Risks to Security and Rider Safety 2026-04-28 at 15:10 By Eduard Kovacs Vulnerabilities in Zero Motorcycles electric motorcycles and Yadea electric scooters can pose physical security and safety risks. The post Electric Motorcycles and Scooters Face Hacking Risks to Security and Rider Safety appeared first on SecurityWeek. This article

Electric Motorcycles and Scooters Face Hacking Risks to Security and Rider Safety Read More »

No Patch for New PhantomRPC Privilege Escalation Technique in Windows

No Patch for New PhantomRPC Privilege Escalation Technique in Windows 2026-04-28 at 15:09 By Ionut Arghire A fake RPC server can be used to listen for RPC requests and impersonate the target service to elevate privileges to System. The post No Patch for New PhantomRPC Privilege Escalation Technique in Windows appeared first on SecurityWeek. This

No Patch for New PhantomRPC Privilege Escalation Technique in Windows Read More »

Incomplete Windows Patch Opens Door to Zero-Click Attacks

Incomplete Windows Patch Opens Door to Zero-Click Attacks 2026-04-27 at 20:43 By Ionut Arghire The initial vulnerability was exploited by Russia-linked APT28 in attacks against Ukraine and EU countries. The post Incomplete Windows Patch Opens Door to Zero-Click Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Incomplete Windows Patch Opens Door to Zero-Click Attacks Read More »

OpenSSH Flaw Allowing Full Root Shell Access Lurked for 15 Years

OpenSSH Flaw Allowing Full Root Shell Access Lurked for 15 Years 2026-04-27 at 20:43 By Ionut Arghire A code reuse issue enabled comma characters in certificate principals to be interpreted as list separators. The post OpenSSH Flaw Allowing Full Root Shell Access Lurked for 15 Years appeared first on SecurityWeek. This article is an excerpt

OpenSSH Flaw Allowing Full Root Shell Access Lurked for 15 Years Read More »

Firefox Vulnerability Allows Tor User Fingerprinting

Firefox Vulnerability Allows Tor User Fingerprinting 2026-04-27 at 11:49 By Eduard Kovacs The vulnerability is tracked as CVE-2026-6770 and it has been patched with the release of Firefox 150 and Tor 15.0.10. The post Firefox Vulnerability Allows Tor User Fingerprinting appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Firefox Vulnerability Allows Tor User Fingerprinting Read More »

Vulnerabilities Patched in CrowdStrike, Tenable Products

Vulnerabilities Patched in CrowdStrike, Tenable Products 2026-04-24 at 13:17 By Eduard Kovacs CrowdStrike has fixed a critical LogScale vulnerability, while Tenable addressed a high-severity Nessus flaw. The post Vulnerabilities Patched in CrowdStrike, Tenable Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Vulnerabilities Patched in CrowdStrike, Tenable Products Read More »

The Week in Vulnerabilities: SharePoint, Fortinet, OpenClaw, and GPL Odorizers

The Week in Vulnerabilities: SharePoint, Fortinet, OpenClaw, and GPL Odorizers 2026-04-24 at 05:54 By Mihir Bagwe Cyble Research & Intelligence Labs (CRIL) weekly vulnerability report tracked 1,675 vulnerabilities, last week, reflecting continued high disclosure volume across enterprise software, cloud services, and emerging AI ecosystems. Of these, more than 205 vulnerabilities have publicly available Proof-of-Concept (PoC)

The Week in Vulnerabilities: SharePoint, Fortinet, OpenClaw, and GPL Odorizers Read More »

Apple fixes iPhone bug that let FBI retrieve deleted Signal messages(CVE-2026-28950)

Apple fixes iPhone bug that let FBI retrieve deleted Signal messages(CVE-2026-28950) 2026-04-23 at 14:17 By Zeljka Zorz Apple has rolled out security updates for iPhones and iPads that fix CVE-2026-28950, a logging issue in Notification Services that made devices unexpectedly retain notifications marked for deletion. The vulnerability was patched following a recent report about the

Apple fixes iPhone bug that let FBI retrieve deleted Signal messages(CVE-2026-28950) Read More »

Recent Microsoft Defender Vulnerability Exploited as Zero-Day

Recent Microsoft Defender Vulnerability Exploited as Zero-Day 2026-04-23 at 12:17 By Ionut Arghire The flaw allows attackers to access the SAM database, extract NTLM hashes, and gain System privileges. The post Recent Microsoft Defender Vulnerability Exploited as Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Recent Microsoft Defender Vulnerability Exploited as Zero-Day Read More »

Apple Patches iOS Flaw Allowing Recovery of Deleted Chats

Apple Patches iOS Flaw Allowing Recovery of Deleted Chats 2026-04-23 at 12:17 By Ionut Arghire Apple rolled out the security patches for dozens of iPhone and iPad models and generations. The post Apple Patches iOS Flaw Allowing Recovery of Deleted Chats appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Apple Patches iOS Flaw Allowing Recovery of Deleted Chats Read More »

Progress Software fixes sneaky WAF bypass vulnerability (CVE-2026-21876)

Progress Software fixes sneaky WAF bypass vulnerability (CVE-2026-21876) 2026-04-22 at 14:47 By Zeljka Zorz Progress Software has fixed a slew of high-severity vulnerabilities in MOVEit WAF and LoadMaster, including a flaw (CVE-2026-21876) that may allow attackers to bypass firewall detection. MOVEit WAF (web application firewall) is designed to protect Progress’s managed file transfer platform MOVEit

Progress Software fixes sneaky WAF bypass vulnerability (CVE-2026-21876) Read More »

Claude Mythos Finds 271 Firefox Vulnerabilities

Claude Mythos Finds 271 Firefox Vulnerabilities 2026-04-22 at 14:47 By Eduard Kovacs All the flaws could have also been found by an elite human researcher, according to Mozilla. The post Claude Mythos Finds 271 Firefox Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Claude Mythos Finds 271 Firefox Vulnerabilities Read More »

Google Antigravity in Crosshairs of Security Researchers, Cybercriminals

Google Antigravity in Crosshairs of Security Researchers, Cybercriminals 2026-04-22 at 13:47 By Eduard Kovacs Researchers discovered a remote code execution vulnerability and cybercriminals are using its reputation to deliver malware. The post Google Antigravity in Crosshairs of Security Researchers, Cybercriminals appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Google Antigravity in Crosshairs of Security Researchers, Cybercriminals Read More »

Oracle Patches 450 Vulnerabilities With April 2026 CPU

Oracle Patches 450 Vulnerabilities With April 2026 CPU 2026-04-22 at 11:49 By Ionut Arghire The company released 481 new security patches across 28 product families, including over 300 fixes for remotely exploitable, unauthenticated flaws. The post Oracle Patches 450 Vulnerabilities With April 2026 CPU appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Oracle Patches 450 Vulnerabilities With April 2026 CPU Read More »

Serial-to-IP Converter Flaws Expose OT and Healthcare Systems to Hacking

Serial-to-IP Converter Flaws Expose OT and Healthcare Systems to Hacking 2026-04-20 at 20:37 By Eduard Kovacs Forescout researchers discovered 20 new vulnerabilities in Lantronix and Silex products and described theoretical attack scenarios. The post Serial-to-IP Converter Flaws Expose OT and Healthcare Systems to Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Serial-to-IP Converter Flaws Expose OT and Healthcare Systems to Hacking Read More »

Threat Landscape March 2026: Ransomware Dominance, Access Brokers, Data Leaks, and Critical Exploitation Trends

Threat Landscape March 2026: Ransomware Dominance, Access Brokers, Data Leaks, and Critical Exploitation Trends 2026-04-20 at 14:37 By Mihir Bagwe Cyble Research & Intelligence Labs (CRIL) in its monthly threat landscape analysis observed a highly active threat environment throughout March 2026, shaped by large-scale ransomware campaigns, persistent data breach activity, growing initial access brokerage markets,

Threat Landscape March 2026: Ransomware Dominance, Access Brokers, Data Leaks, and Critical Exploitation Trends Read More »

Hackers Fail to Exploit Flaw in Discontinued TP-Link Routers

Hackers Fail to Exploit Flaw in Discontinued TP-Link Routers 2026-04-20 at 11:16 By Ionut Arghire In-the-wild exploitation has been ongoing for a year, but no successful payload execution has been observed. The post Hackers Fail to Exploit Flaw in Discontinued TP-Link Routers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Hackers Fail to Exploit Flaw in Discontinued TP-Link Routers Read More »

Recent Apache ActiveMQ Vulnerability Exploited in the Wild

Recent Apache ActiveMQ Vulnerability Exploited in the Wild 2026-04-17 at 14:32 By Eduard Kovacs The remote code execution vulnerability tracked as CVE-2026-34197 came to light in early April. The post Recent Apache ActiveMQ Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Recent Apache ActiveMQ Vulnerability Exploited in the Wild Read More »

Cursor AI Vulnerability Exposed Developer Devices

Cursor AI Vulnerability Exposed Developer Devices 2026-04-17 at 10:30 By Ionut Arghire An indirect prompt injection could be chained with a sandbox bypass and Cursor’s remote tunnel feature for shell access to machines. The post Cursor AI Vulnerability Exposed Developer Devices appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Cursor AI Vulnerability Exposed Developer Devices Read More »

Scroll to Top