Vulnerabilities Archives

SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

Vulnerabilities

Ivanti Sentry Exploitation Attempts Hitting Honeypots

The critical-severity OS command injection vulnerability allows attackers to execute arbitrary code with root privileges.

Ionut Arghire4 days ago

Vulnerabilities

Chrome 149 Update Patches 28 Vulnerabilities

The browser refresh resolved critical and high-severity security defects, including a dozen use-after-free bugs.

Ionut Arghire4 days ago

Cybercrime

Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters

Oracle has mitigated CVE-2026-35273, but it has not publicly confirmed the vulnerability’s in-the-wild exploitation.

Eduard Kovacs4 days ago

Vulnerabilities

Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks

Oracle has released mitigations for CVE-2026-35273, but it has not said whether it’s a zero-day exploited in ShinyHunters attacks.

Eduard Kovacs4 days ago

Vulnerabilities

Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities

The bugs could allow attackers to modify protected resources and escalate their privileges to administrator.

Ionut ArghireApril 9, 2026

Vulnerabilities

Adobe Reader Zero-Day Exploited for Months: Researcher

Reputable researcher Haifei Li has come across what appears to be a PDF designed to exploit an unpatched vulnerability.

Eduard KovacsApril 9, 2026

Data Protection

Data Leakage Vulnerability Patched in OpenSSL

A total of seven vulnerabilities, most of which can be exploited for DoS attacks, have been patched in OpenSSL.

Eduard KovacsApril 8, 2026

Vulnerabilities

RCE Bug Lurked in Apache ActiveMQ Classic for 13 Years

The vulnerability requires authentication for successful exploitation, but another flaw exposes the Jolokia API without authentication.

Ionut ArghireApril 8, 2026

Vulnerabilities

Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover

The vulnerability allows hackers to upload arbitrary files to a site’s server and achieve remote code execution.

Ionut ArghireApril 8, 2026

Artificial Intelligence

Critical Flowise Vulnerability in Attacker Crosshairs

The improper validation of user-supplied JavaScript code allows attackers to execute arbitrary code and access the file system.

Ionut ArghireApril 7, 2026

Mobile & Wireless

Severe StrongBox Vulnerability Patched in Android

A critical DoS vulnerability in the Framework component of Android has also been fixed with the latest update.

Eduard KovacsApril 7, 2026

Endpoint Security

GPUBreach: Root Shell Access Achieved via GPU Rowhammer Attack

Researchers have demonstrated that GPU Rowhammer attacks can be used to escalate privileges.

Eduard KovacsApril 7, 2026

Network Security

Fortinet Rushes Emergency Fixes for Exploited Zero-Day

The improper access control bug in FortiClient EMS allows unauthenticated attackers to execute arbitrary code remotely.

Ionut ArghireApril 6, 2026

Vulnerabilities

TrueConf Zero-Day Exploited in Asian Government Attacks

A Chinese threat actor exploited the video conferencing platform to perform reconnaissance, escalate privileges, and execute additional payloads.

Ionut ArghireApril 3, 2026

Vulnerabilities

Critical ShareFile Flaws Lead to Unauthenticated RCE

The vulnerabilities can be chained together to bypass authentication and upload arbitrary files to the server.

Ionut ArghireApril 3, 2026

Artificial Intelligence

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found by Adversa AI.

Kevin TownsendApril 2, 2026

Mobile & Wireless

Apple Rolls Out DarkSword Exploit Protection to More Devices

The DarkSword exploit kit has been used by both state-sponsored hackers and commercial spyware vendors.

Eduard KovacsApril 2, 2026

Vulnerabilities

Cisco Patches Critical and High-Severity Vulnerabilities

The bugs could lead to authentication bypass, remote code execution, information disclosure, and privilege escalation.

Ionut ArghireApril 2, 2026

Vulnerabilities

Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome

Google has announced fixes for CVE-2026-5281, a zero-day affecting Chrome’s Dawn component.

Eduard KovacsApril 1, 2026

Vulnerabilities

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins

The SQL injection vulnerability allows unauthenticated attackers to execute arbitrary code remotely, via crafted HTTP requests.

Ionut ArghireMarch 31, 2026

Vulnerabilities

StrongSwan Flaw Allows Unauthenticated Attackers to Crash VPNs

Remotely exploitable, the integer underflow vulnerability impacts StrongSwan releases spanning 15 years.

Ionut ArghireMarch 31, 2026

Artificial Intelligence

Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise

Researchers found an OpenAI Codex vulnerability that could have been exploited to compromise GitHub tokens.

Kevin TownsendMarch 31, 2026

Vulnerabilities

Exploitation of Fresh Citrix NetScaler Vulnerability Begins

The critical-severity flaw leaks application memory and can be exploited to obtain authenticated administrative session IDs.

Ionut ArghireMarch 30, 2026

Vulnerabilities

F5 BIG-IP DoS Flaw Upgraded to Critical RCE, Now Exploited in the Wild

Initially disclosed as a high-severity denial-of-service (DoS), the bug was reclassified as a critical RCE issue.

Ionut ArghireMarch 30, 2026

Page 9 of 424« First ‹ Previous 5 6 7 8910 11 12 13 Next ›Last »

Webinar: How Modern Breaches Bypass MFA and Evade Detection

June 17, 2026

Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.

Webinar: Modern Exposure Validation in the AI Era

June 24, 2026

AI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.

SECURITYWEEK NETWORK:

ICS:

Vulnerabilities

Ivanti Sentry Exploitation Attempts Hitting Honeypots

Vulnerabilities

Chrome 149 Update Patches 28 Vulnerabilities

Cybercrime

Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters

Vulnerabilities

Oracle Addresses PeopleSoft Vulnerability Amid Reports of Zero-Day Attacks

Vulnerabilities

Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities

Vulnerabilities

Adobe Reader Zero-Day Exploited for Months: Researcher

Data Protection

Data Leakage Vulnerability Patched in OpenSSL

Vulnerabilities

RCE Bug Lurked in Apache ActiveMQ Classic for 13 Years

Vulnerabilities

Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover

Artificial Intelligence

Critical Flowise Vulnerability in Attacker Crosshairs

Mobile & Wireless

Severe StrongBox Vulnerability Patched in Android

Endpoint Security

GPUBreach: Root Shell Access Achieved via GPU Rowhammer Attack

Network Security

Fortinet Rushes Emergency Fixes for Exploited Zero-Day

Vulnerabilities

TrueConf Zero-Day Exploited in Asian Government Attacks

Vulnerabilities

Critical ShareFile Flaws Lead to Unauthenticated RCE

Artificial Intelligence

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Mobile & Wireless

Apple Rolls Out DarkSword Exploit Protection to More Devices

Vulnerabilities

Cisco Patches Critical and High-Severity Vulnerabilities

Vulnerabilities

Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome

Vulnerabilities

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins

Vulnerabilities

StrongSwan Flaw Allows Unauthenticated Attackers to Crash VPNs

Artificial Intelligence

Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise

Vulnerabilities

Exploitation of Fresh Citrix NetScaler Vulnerability Begins

Vulnerabilities

F5 BIG-IP DoS Flaw Upgraded to Critical RCE, Now Exploited in the Wild

Daily Briefing Newsletter

Trending

Webinar: How Modern Breaches Bypass MFA and Evade Detection

Webinar: Modern Exposure Validation in the AI Era

People on the move

Expert Insights

After AI Reaches Production: 12 Ways Security Teams Can Take Control

Everybody Is Vibe Coding But Nobody Told the Security Team

The Zero-Knowledge Threat Actor and the End of Responsible Disclosure

Raising the Cybersecurity Stakes: Ante up for the Agentic Era

Caught Off Guard: Securing AI After It Hits Production

Daily Briefing Newsletter