Vulnerabilities Archives

SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

Artificial Intelligence

Data Exposure Flaws Threaten Dify AI Platform Used by 1 Million Apps

Attackers could abuse Dify's multi-tenant cloud service to read private chats, preview other tenants' documents, and reach internal APIs.

Ionut Arghire6 hours ago

Mobile & Wireless

Eight-Year-Old Samsung KNOX Flaw Exposed Millions of Galaxy Devices to Kernel Attacks

The high-severity use-after-free vulnerability in Samsung's KNOX security framework affected Android-powered Galaxy devices from the S9 through S25.

Kevin Townsend8 hours ago

Vulnerabilities

FFmpeg PixelSmash Flaw Allows RCE on Video Players, Media Servers, NAS Appliances

Attackers can send crafted media files to execute code in any application that uses FFmpeg’s libavcodec library.

Ionut Arghire10 hours ago

Data Protection

Decades-Old Squid Proxy Flaw ‘Squidbleed’ Can Expose User Data

Squidbleed, discovered with the aid of Claude Mythos Preview, has been described as a Heartbleed-style vulnerability.

Eduard Kovacs1 day ago

Artificial Intelligence (AI) Risk Summit

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.

Vulnerabilities

Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data

Vulnerable WordPress plugin iterations leak API keys, secrets, tokens, server information, and other data.

Ionut Arghire1 day ago

Malware & Threats

In Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStrike Probe, AWS Continuum

Other noteworthy stories that might have slipped under the radar: Android TV botnet Popa linked to Israeli firm, Velvet Ant maintained decade-long stealth, unpatched...

SecurityWeek News4 days ago

Vulnerabilities

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure

CISA has given federal agencies only three days to patch CVE-2026-20253, which can be exploited for unauthenticated remote code execution.

Eduard Kovacs5 days ago

Vulnerabilities

Majority of Internet-Accessible REDCap Servers Outdated

These servers are regularly targeted by China-linked UNC6508 for initial access and backdoor deployment.

Ionut Arghire5 days ago

Vulnerabilities

No Exploits Required

Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures.

Tod Beardsley5 days ago

Vulnerabilities

Atlassian, Splunk Patch Critical Vulnerabilities

Splunk patched an OS command injection in AI Toolkit, while Atlassian fixed dozens of flaws in third-party dependencies.

Ionut Arghire5 days ago

Network Security

Critical Command Execution Vulnerability Patched in Cisco ISE

Insufficient validation of user input allows an attacker to gain access to the underlying OS and elevate their privileges to root.

Ionut Arghire5 days ago

Vulnerabilities

F5 Patches Critical, High-Severity NGINX Vulnerabilities

Critical flaws in NGINX could allow remote, unauthenticated attackers to cause a restart and potentially execute arbitrary code.

Ionut Arghire5 days ago

ICS/OT

Rockwell Automation Patches Vulnerabilities in ICS Controllers and Software

The industrial automation giant has fixed security holes in Logix, CompactLogix, Flex, RSLinx, and FactoryTalk products.

Eduard Kovacs6 days ago

Vulnerabilities

Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day

The public PoC code exploits a race condition in Microsoft Defender to spawn a command prompt with System privileges.

Ionut Arghire6 days ago

Vulnerabilities

Oracle’s Second Monthly Security Updates Deliver 245 Patches

Oracle has released its June 2026 Critical Security Patch Update to fix vulnerabilities in Communications, EBS, Enterprise Manager and other products.

Eduard Kovacs7 days ago

Vulnerabilities

Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities

The browser updates address multiple memory safety bugs that could potentially lead to remote code execution.

Ionut Arghire7 days ago

Vulnerabilities

Joomla, LiteSpeed Vulnerabilities Exploited in Attacks

The flaws allow attackers to execute arbitrary PHP code and gain root privileges on shared hosting servers.

Ionut Arghire7 days ago

Vulnerabilities

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs

SOCRadar has detected 30,000 compromised Fortinet firewalls that expose networks to hacking.

Eduard Kovacs7 days ago

Application Security

Tech Coalition ‘Athena’ Targets OSS Vulnerabilities Ahead of Disclosure

Over two dozen organizations built a shared platform to triage vulnerabilities, fix them, and secure the software before patches arrive.

Ionut ArghireJune 16, 2026

Network Security

Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks

Cisco recently became aware of the exploitation of CVE-2026-20262, a Catalyst SD-WAN Manager zero-day that allows arbitrary file write.

Eduard KovacsJune 16, 2026

Page 1 of 42512 3 4 5 Next ›Last »

Webinar: How Modern Breaches Bypass MFA and Evade Detection

June 17, 2026

Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.

Webinar: Modern Exposure Validation in the AI Era

June 24, 2026

AI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.

SECURITYWEEK NETWORK:

ICS:

Artificial Intelligence

Data Exposure Flaws Threaten Dify AI Platform Used by 1 Million Apps

Mobile & Wireless

Eight-Year-Old Samsung KNOX Flaw Exposed Millions of Galaxy Devices to Kernel Attacks

Vulnerabilities

FFmpeg PixelSmash Flaw Allows RCE on Video Players, Media Servers, NAS Appliances

Data Protection

Decades-Old Squid Proxy Flaw ‘Squidbleed’ Can Expose User Data

Artificial Intelligence (AI) Risk Summit

Vulnerabilities

Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data

Malware & Threats

In Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStrike Probe, AWS Continuum

Vulnerabilities

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure

Vulnerabilities

Majority of Internet-Accessible REDCap Servers Outdated

Vulnerabilities

No Exploits Required

Vulnerabilities

Atlassian, Splunk Patch Critical Vulnerabilities

Network Security

Critical Command Execution Vulnerability Patched in Cisco ISE

Vulnerabilities

F5 Patches Critical, High-Severity NGINX Vulnerabilities

ICS/OT

Rockwell Automation Patches Vulnerabilities in ICS Controllers and Software

Vulnerabilities

Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day

Vulnerabilities

Oracle’s Second Monthly Security Updates Deliver 245 Patches

Vulnerabilities

Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities

Vulnerabilities

Joomla, LiteSpeed Vulnerabilities Exploited in Attacks

Vulnerabilities

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs

Application Security

Tech Coalition ‘Athena’ Targets OSS Vulnerabilities Ahead of Disclosure

Network Security

Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks

Daily Briefing Newsletter

Trending

Webinar: How Modern Breaches Bypass MFA and Evade Detection

Webinar: Modern Exposure Validation in the AI Era

People on the move

Expert Insights

What the Latest ShinyHunters Breaches Reveal About Modern Cyberattacks

No Exploits Required

After AI Reaches Production: 12 Ways Security Teams Can Take Control

Everybody Is Vibe Coding But Nobody Told the Security Team

The Zero-Knowledge Threat Actor and the End of Responsible Disclosure

Daily Briefing Newsletter