Ransomware BlueHammer Vulnerability Exploited in Ransomware Attacks The Microsoft Defender vulnerability CVE-2026-33825 was exploited in the wild as a zero-day before patches were released. Eduard KovacsJune 30, 2026
Malware & Threats Critical SimpleHelp Vulnerability Exploited for Malware Delivery The threat actor is focused on collecting credentials, SSH keys, cryptocurrency wallets, and development tooling. Ionut ArghireJune 30, 2026
Vulnerabilities Critical Ubiquiti Vulnerabilities in Attackers’ Crosshairs The flaws allow remote, unauthenticated attackers to make system changes, access underlying accounts, and inject commands. Ionut ArghireJune 24, 2026
Vulnerabilities Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure CISA has given federal agencies only three days to patch CVE-2026-20253, which can be exploited for unauthenticated remote code execution. Eduard KovacsJune 19, 2026
Vulnerabilities Joomla, LiteSpeed Vulnerabilities Exploited in Attacks The flaws allow attackers to execute arbitrary PHP code and gain root privileges on shared hosting servers. Ionut ArghireJune 17, 2026
Vulnerabilities Ivanti Sentry Exploitation Attempts Hitting Honeypots The critical-severity OS command injection vulnerability allows attackers to execute arbitrary code with root privileges. Ionut ArghireJune 12, 2026
Government CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk The new BOD 26-04 requires agencies to review and update vulnerability management policies with a focus on KEV catalog entries. Ionut ArghireJune 11, 2026
Vulnerabilities Organizations Warned of Exploited Linux Kernel Vulnerability An improper authentication bug allows attackers to escalate their privileges and escape containers. Ionut ArghireJune 3, 2026
Vulnerabilities Oracle WebLogic Vulnerability Exploited in the Wild The vulnerability is CVE-2024-21182 and it can be exploited without authentication to hack affected WebLogic servers. Eduard KovacsJune 2, 2026
Vulnerabilities CISA Urges Immediate Patching of Exploited LiteSpeed cPanel Plugin Zero-Day Resolved last week, the vulnerability was exploited in the wild as a zero-day to execute scripts with root privileges. Ionut ArghireMay 27, 2026
Vulnerabilities Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities CISA expanded the KEV catalog with eight flaws, but five of them have been flagged as exploited before. Ionut ArghireApril 21, 2026
Vulnerabilities NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software To optimize management of CVE volume, entries that do not meet specific criteria will not be automatically enriched. Ionut ArghireApril 16, 2026
Vulnerabilities Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities Experts say this is the second-largest Microsoft Patch Tuesday ever based on CVE count. Eduard KovacsApril 14, 2026
Vulnerabilities Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities The security defects allow attackers to escalate privileges and execute arbitrary code remotely. Ionut ArghireApril 14, 2026
Malware & Threats Russian APT Exploits Zimbra Vulnerability Against Ukraine Insufficient sanitization of CSS content within HTML emails leads to inline script execution when the message is opened in a browser. Ionut ArghireMarch 19, 2026
Vulnerabilities CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability The SharePoint remote code execution vulnerability CVE-2026-20963, which Microsoft patched in January, has been exploited in the wild. Eduard KovacsMarch 19, 2026
Vulnerabilities CISA Flags Year-Old Wing FTP Vulnerability as Exploited Tracked as CVE-2025-47813, the flaw leads to the disclosure of the full local installation path of the application. Ionut ArghireMarch 17, 2026
Vulnerabilities Recent Ivanti Endpoint Manager Flaw Exploited in Attacks CISA has added the high-severity authentication bypass vulnerability to its KEV list, along with SolarWinds and Workspace One bugs. Ionut ArghireMarch 10, 2026
Vulnerabilities CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List The nation-state-grade iOS exploit kit targets 23 vulnerabilities affecting iOS 13 to 17.2.1. Ionut ArghireMarch 6, 2026
ICS/OT Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks The vulnerability was disclosed and mitigated in 2021 but its in-the-wild exploitation has only now come to light. Eduard KovacsMarch 6, 2026