Vulnerabilities Archives

SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

Vulnerabilities

Ivanti Sentry Exploitation Attempts Hitting Honeypots

The critical-severity OS command injection vulnerability allows attackers to execute arbitrary code with root privileges.

Ionut Arghire2 days ago

Vulnerabilities

Chrome 149 Update Patches 28 Vulnerabilities

The browser refresh resolved critical and high-severity security defects, including a dozen use-after-free bugs.

Ionut Arghire2 days ago

Cybercrime

Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters

Oracle has mitigated CVE-2026-35273, but it has not publicly confirmed the vulnerability’s in-the-wild exploitation.

Eduard Kovacs2 days ago

Vulnerabilities

Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks

Oracle has released mitigations for CVE-2026-35273, but it has not said whether it’s a zero-day exploited in ShinyHunters attacks.

Eduard Kovacs2 days ago

Vulnerabilities

Critical SmarterMail Vulnerability Exploited in Ransomware Attacks

The security defect allows unauthenticated attackers to execute arbitrary code remotely via malicious HTTP requests.

Ionut ArghireFebruary 6, 2026

Government

Concerns Raised Over CISA’s Silent Ransomware Updates in KEV Catalog

CISA updated 59 KEV entries in 2025 to specify that the vulnerabilities have been exploited in ransomware attacks.

Eduard KovacsFebruary 6, 2026

Application Security

VS Code Configs Expose GitHub Codespaces to Attacks

VS Code-integrated configuration files are automatically executed in Codespaces when the user opens a repository or pull request.

Ionut ArghireFebruary 5, 2026

Vulnerabilities

Critical N8n Sandbox Escape Could Lead to Server Compromise

The vulnerability could allow attackers to execute arbitrary commands and steal credentials and other secrets.

Ionut ArghireFebruary 5, 2026

Vulnerabilities

Cisco, F5 Patch High-Severity Vulnerabilities

The security defects can lead to DoS conditions, arbitrary command execution, and privilege escalation.

Ionut ArghireFebruary 5, 2026

Cloud Security

Vulnerabilities Allowed Full Compromise of Google Looker Instances

The flaws dubbed LookOut can be exploited for remote code execution and data exfiltration.

Eduard KovacsFebruary 4, 2026

Artificial Intelligence

DockerDash Flaw in Docker AI Assistant Leads to RCE, Data Theft

The critical vulnerability exists in the contextual trust in MCP Gateway architecture, as instructions are passed without validation.

Ionut ArghireFebruary 4, 2026

Vulnerabilities

Cryptominers, Reverse Shells Dropped in Recent React2Shell Attacks

Two IP addresses accounted for the majority of the 1.4 million exploitation attempts observed over the past week.

Ionut ArghireFebruary 4, 2026

Vulnerabilities

Fresh SolarWinds Vulnerability Exploited in Attacks

The critical-severity SolarWinds Web Help Desk flaw could lead to unauthenticated remote code execution.

Ionut ArghireFebruary 4, 2026

Artificial Intelligence

Security Analysis of Moltbook Agent Network: Bot-to-Bot Prompt Injection and Data Leaks

Wiz and Permiso have analyzed the AI agent social network and found serious security issues and threats.

Eduard KovacsFebruary 4, 2026

Malware & Threats

Critical React Native Vulnerability Exploited in the Wild

Albeit mainly considered a theoretical risk, the flaw has been exploited to disable protections and deliver malware.

Ionut ArghireFebruary 3, 2026

Malware & Threats

Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability

The attacks targeting Europe were analyzed by Ukraine’s CERT-UA and the cybersecurity company Zscaler.

Eduard KovacsFebruary 3, 2026

Vulnerabilities

Ivanti Patches Exploited EPMM Zero-Days

The critical-severity vulnerabilities could allow unauthenticated attackers to execute arbitrary code remotely.

Ionut ArghireJanuary 30, 2026

Vulnerabilities

N8n Vulnerabilities Could Lead to Remote Code Execution

The two bugs impacted n8n’s sandbox mechanism and could be exploited via weaknesses in the AST sanitization logic.

Ionut ArghireJanuary 29, 2026

Vulnerabilities

SolarWinds Patches Critical Web Help Desk Vulnerabilities

The four critical flaws could be exploited without authentication for remote code execution or authentication bypass.

Ionut ArghireJanuary 29, 2026

Malware & Threats

APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability

Russian and Chinese state-sponsored threat actors have been exploiting CVE-2025-8088 since July 2025.

Ionut ArghireJanuary 28, 2026

Vulnerabilities

Fortinet Patches Exploited FortiCloud SSO Authentication Bypass

Tracked as CVE-2026-24858, the bug allows attackers to log into devices registered to other FortiCloud accounts.

Ionut ArghireJanuary 28, 2026

Data Protection

High-Severity Remote Code Execution Vulnerability Patched in OpenSSL

A total of 12 vulnerabilities have been fixed in OpenSSL, all discovered by a single cybersecurity firm.

Eduard KovacsJanuary 28, 2026

Vulnerabilities

Organizations Warned of Exploited Linux Vulnerabilities

The flaws allow threat actors to obtain root privileges or bypass authentication via Telnet and gain shell access as root.

Ionut ArghireJanuary 27, 2026

Vulnerabilities

Microsoft Patches Office Zero-Day Likely Exploited in Targeted Attacks

The vulnerability is tracked as CVE-2026-21509 and it can be exploited to bypass security features.

Eduard KovacsJanuary 27, 2026

Page 14 of 424« First ‹ Previous 10 11 12 131415 16 17 18 Next ›Last »

Webinar: How Modern Breaches Bypass MFA and Evade Detection

June 17, 2026

Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.

Webinar: Modern Exposure Validation in the AI Era

June 24, 2026

AI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.

SECURITYWEEK NETWORK:

ICS:

Vulnerabilities

Ivanti Sentry Exploitation Attempts Hitting Honeypots

Vulnerabilities

Chrome 149 Update Patches 28 Vulnerabilities

Cybercrime

Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters

Vulnerabilities

Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks

Vulnerabilities

Critical SmarterMail Vulnerability Exploited in Ransomware Attacks

Government

Concerns Raised Over CISA’s Silent Ransomware Updates in KEV Catalog

Application Security

VS Code Configs Expose GitHub Codespaces to Attacks

Vulnerabilities

Critical N8n Sandbox Escape Could Lead to Server Compromise

Vulnerabilities

Cisco, F5 Patch High-Severity Vulnerabilities

Cloud Security

Vulnerabilities Allowed Full Compromise of Google Looker Instances

Artificial Intelligence

DockerDash Flaw in Docker AI Assistant Leads to RCE, Data Theft

Vulnerabilities

Cryptominers, Reverse Shells Dropped in Recent React2Shell Attacks

Vulnerabilities

Fresh SolarWinds Vulnerability Exploited in Attacks

Artificial Intelligence

Security Analysis of Moltbook Agent Network: Bot-to-Bot Prompt Injection and Data Leaks

Malware & Threats

Critical React Native Vulnerability Exploited in the Wild

Malware & Threats

Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability

Vulnerabilities

Ivanti Patches Exploited EPMM Zero-Days

Vulnerabilities

N8n Vulnerabilities Could Lead to Remote Code Execution

Vulnerabilities

SolarWinds Patches Critical Web Help Desk Vulnerabilities

Malware & Threats

APTs, Cybercriminals Widely Exploiting WinRAR Vulnerability

Vulnerabilities

Fortinet Patches Exploited FortiCloud SSO Authentication Bypass

Data Protection

High-Severity Remote Code Execution Vulnerability Patched in OpenSSL

Vulnerabilities

Organizations Warned of Exploited Linux Vulnerabilities

Vulnerabilities

Microsoft Patches Office Zero-Day Likely Exploited in Targeted Attacks

Daily Briefing Newsletter

Trending

Webinar: How Modern Breaches Bypass MFA and Evade Detection

Webinar: Modern Exposure Validation in the AI Era

People on the move

Expert Insights

After AI Reaches Production: 12 Ways Security Teams Can Take Control

Everybody Is Vibe Coding But Nobody Told the Security Team

The Zero-Knowledge Threat Actor and the End of Responsible Disclosure

Raising the Cybersecurity Stakes: Ante up for the Agentic Era

Caught Off Guard: Securing AI After It Hits Production

Daily Briefing Newsletter