Vulnerabilities Archives

SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

Vulnerabilities

Ivanti Sentry Exploitation Attempts Hitting Honeypots

The critical-severity OS command injection vulnerability allows attackers to execute arbitrary code with root privileges.

Ionut Arghire1 day ago

Vulnerabilities

Chrome 149 Update Patches 28 Vulnerabilities

The browser refresh resolved critical and high-severity security defects, including a dozen use-after-free bugs.

Ionut Arghire1 day ago

Cybercrime

Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters

Oracle has mitigated CVE-2026-35273, but it has not publicly confirmed the vulnerability’s in-the-wild exploitation.

Eduard Kovacs1 day ago

Vulnerabilities

Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks

Oracle has released mitigations for CVE-2026-35273, but it has not said whether it’s a zero-day exploited in ShinyHunters attacks.

Eduard Kovacs2 days ago

Vulnerabilities

Critical HPE AOS-CX Vulnerability Allows Admin Password Resets

The vulnerability can be exploited remotely, without authentication, to circumvent existing authentication controls.

Ionut ArghireMarch 14, 2026

Vulnerabilities

Google Paid Out $17 Million in Bug Bounty Rewards in 2025

Google paid over $3.7 million for Chrome vulnerabilities, and more than $3.5 million for cloud security defects.

Ionut ArghireMarch 13, 2026

Vulnerabilities

Chrome 146 Update Patches Two Exploited Zero-Days

The flaws can be exploited to manipulate data and bypass security restrictions, potentially leading to code execution.

Ionut ArghireMarch 13, 2026

Vulnerabilities

Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks

The issue allows attackers to inject SQL queries and extract sensitive information from the database.

Ionut ArghireMarch 12, 2026

Vulnerabilities

Splunk, Zoom Patch Severe Vulnerabilities

Critical- and high-severity flaws could be exploited to execute arbitrary shell commands or elevate privileges.

Ionut ArghireMarch 12, 2026

Vulnerabilities

Cisco Patches High-Severity IOS XR Vulnerabilities

The security defects could lead to denial-of-service (DoS) conditions, command execution, or device takeover.

Ionut ArghireMarch 12, 2026

Vulnerabilities

Critical N8n Vulnerabilities Allowed Server Takeover

The bugs allowed unauthenticated attackers to execute arbitrary code, steal credentials, and take over servers.

Ionut ArghireMarch 12, 2026

Vulnerabilities

Fortinet, Ivanti, Intel Patch High-Severity Vulnerabilities

The bugs could lead to arbitrary code execution, privilege escalation, or authentication rate-limit bypass.

Ionut ArghireMarch 11, 2026

Vulnerabilities

Microsoft Patches 83 Vulnerabilities

Microsoft has fixed a critical vulnerability, but none of the flaws fixed this Patch Tuesday has been exploited in the wild.

Ionut ArghireMarch 10, 2026

Vulnerabilities

Adobe Patches 80 Vulnerabilities Across Eight Products

Adobe has rolled out patches for 80 vulnerabilities across 8 products, including Commerce, Illustrator, Acrobat Reader, and Premiere Pro.

Ionut ArghireMarch 10, 2026

Vulnerabilities

SAP Patches Critical FS-QUO, NetWeaver Vulnerabilities

A code injection bug in FS-QUO and an insecure deserialization flaw in NetWeaver could lead to arbitrary code execution.

Ionut ArghireMarch 10, 2026

Vulnerabilities

Recent Ivanti Endpoint Manager Flaw Exploited in Attacks

CISA has added the high-severity authentication bypass vulnerability to its KEV list, along with SolarWinds and Workspace One bugs.

Ionut ArghireMarch 10, 2026

Vulnerabilities

Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited

WatchTowr reports seeing exploitation attempts for CVE-2026-20127 from numerous unique IP addresses.

Eduard KovacsMarch 8, 2026

Vulnerabilities

CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List

The nation-state-grade iOS exploit kit targets 23 vulnerabilities affecting iOS 13 to 17.2.1.

Ionut ArghireMarch 6, 2026

ICS/OT

Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks

The vulnerability was disclosed and mitigated in 2021 but its in-the-wild exploitation has only now come to light.

Eduard KovacsMarch 6, 2026

Vulnerabilities

Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises

Less than half of the total zero-days have been attributed to a threat actor, but spyware vendors and China are in the lead.

Eduard KovacsMarch 5, 2026

Vulnerabilities

Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild

The networking giant has added the recently patched CVE-2026-20128 and CVE-2026-20122 to the list of exploited vulnerabilities.

Eduard KovacsMarch 5, 2026

Vulnerabilities

Cisco Patches Critical Vulnerabilities in Enterprise Networking Products

Cisco has rolled out patches for 48 vulnerabilities in Firewall ASA, Secure FMC, and Secure FTD products.

Ionut ArghireMarch 5, 2026

Vulnerabilities

Critical FreeScout Vulnerability Leads to Full Server Compromise

A patch bypass for an authenticated code execution bug, the flaw leads to zero-click remote code execution attacks.

Ionut ArghireMarch 4, 2026

Vulnerabilities

VMware Aria Operations Vulnerability Exploited in the Wild

The recently patched CVE-2026-22719 can be exploited by an unauthenticated attacker for remote code execution.

Eduard KovacsMarch 4, 2026

Page 11 of 424« First ‹ Previous 7 8 9 101112 13 14 15 Next ›Last »

Webinar: How Modern Breaches Bypass MFA and Evade Detection

June 17, 2026

Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.

Webinar: Modern Exposure Validation in the AI Era

June 24, 2026

AI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.

SECURITYWEEK NETWORK:

ICS:

Vulnerabilities

Ivanti Sentry Exploitation Attempts Hitting Honeypots

Vulnerabilities

Chrome 149 Update Patches 28 Vulnerabilities

Cybercrime

Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters

Vulnerabilities

Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks

Vulnerabilities

Critical HPE AOS-CX Vulnerability Allows Admin Password Resets

Vulnerabilities

Google Paid Out $17 Million in Bug Bounty Rewards in 2025

Vulnerabilities

Chrome 146 Update Patches Two Exploited Zero-Days

Vulnerabilities

Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks

Vulnerabilities

Splunk, Zoom Patch Severe Vulnerabilities

Vulnerabilities

Cisco Patches High-Severity IOS XR Vulnerabilities

Vulnerabilities

Critical N8n Vulnerabilities Allowed Server Takeover

Vulnerabilities

Fortinet, Ivanti, Intel Patch High-Severity Vulnerabilities

Vulnerabilities

Microsoft Patches 83 Vulnerabilities

Vulnerabilities

Adobe Patches 80 Vulnerabilities Across Eight Products

Vulnerabilities

SAP Patches Critical FS-QUO, NetWeaver Vulnerabilities

Vulnerabilities

Recent Ivanti Endpoint Manager Flaw Exploited in Attacks

Vulnerabilities

Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited

Vulnerabilities

CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List

ICS/OT

Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks

Vulnerabilities

Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises

Vulnerabilities

Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild

Vulnerabilities

Cisco Patches Critical Vulnerabilities in Enterprise Networking Products

Vulnerabilities

Critical FreeScout Vulnerability Leads to Full Server Compromise

Vulnerabilities

VMware Aria Operations Vulnerability Exploited in the Wild

Daily Briefing Newsletter

Trending

Webinar: How Modern Breaches Bypass MFA and Evade Detection

Webinar: Modern Exposure Validation in the AI Era

People on the move

Expert Insights

After AI Reaches Production: 12 Ways Security Teams Can Take Control

Everybody Is Vibe Coding But Nobody Told the Security Team

The Zero-Knowledge Threat Actor and the End of Responsible Disclosure

Raising the Cybersecurity Stakes: Ante up for the Agentic Era

Caught Off Guard: Securing AI After It Hits Production

Daily Briefing Newsletter