Nation-State Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs The vulnerability in TeamT5 ThreatSonar Anti-Ransomware was recently added to CISA’s KEV catalog. Eduard KovacsFebruary 24, 2026
Email Security Recent RoundCube Webmail Vulnerability Exploited in Attacks Patched in December 2025, the exploited flaw leads to XSS attacks via the animate tags in SVG documents. Ionut ArghireFebruary 23, 2026
Vulnerabilities CISA: Hackers Exploiting Vulnerability in Product of Taiwan Security Firm TeamT5 The vulnerability added to CISA’s KEV catalog affects ThreatSonar Anti-Ransomware and it was patched in 2024. Eduard KovacsFebruary 18, 2026
Vulnerabilities CISA Warns of Exploited SolarWinds, Notepad++, Microsoft Vulnerabilities Disclosed at the end of January, the SolarWinds vulnerability was likely exploited as a zero-day since December 2025. Ionut ArghireFebruary 13, 2026
Risk Management New Paper and Tool Help Security Teams Move Beyond Blind Reliance on CISA’s KEV Catalog The KEV list is useful but largely misunderstood. KEVology explains what it is, and how best to use it. Kevin TownsendFebruary 9, 2026
Vulnerabilities Critical SmarterMail Vulnerability Exploited in Ransomware Attacks The security defect allows unauthenticated attackers to execute arbitrary code remotely via malicious HTTP requests. Ionut ArghireFebruary 6, 2026
Government Concerns Raised Over CISA’s Silent Ransomware Updates in KEV Catalog CISA updated 59 KEV entries in 2025 to specify that the vulnerabilities have been exploited in ransomware attacks. Eduard KovacsFebruary 6, 2026
Vulnerabilities Organizations Warned of Exploited Zimbra Collaboration Vulnerability CISA has added the Zimbra flaw to the KEV catalog along with three other bugs exploited in the wild. Ionut ArghireJanuary 23, 2026
Vulnerabilities CISA Closes 10 Emergency Directives as Vulnerability Catalog Takes Over The Emergency Directives were retired because they achieved objectives or targeted vulnerabilities included in the KEV catalog. Ionut ArghireJanuary 9, 2026
Vulnerabilities Critical HPE OneView Vulnerability Exploited in Attacks The maximum-severity code injection flaw can be exploited without authentication for remote code execution. Ionut ArghireJanuary 8, 2026
Vulnerabilities CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries With 24 new vulnerabilities known to be exploited by ransomware groups, the list now includes 1,484 software and hardware flaws. Ionut ArghireJanuary 5, 2026
Vulnerabilities CISA Warns of Exploited Flaw in Asus Update Tool Tracked as CVE-2025-59374, the issue is a software backdoor implanted in Asus Live Update in a supply chain attack. Ionut ArghireDecember 18, 2025
Vulnerabilities Recent GeoServer Vulnerability Exploited in Attacks Because user input is not sufficiently sanitized, attackers could exploit the flaw to define external entities within an XML request. Ionut ArghireDecember 12, 2025
ICS/OT CISA Warns of ScadaBR Vulnerability After Hacktivist ICS Attack CISA has added CVE-2021-26829 to its Known Exploited Vulnerabilities (KEV) catalog. Eduard KovacsDecember 1, 2025
Vulnerabilities Critical WatchGuard Firebox Vulnerability Exploited in Attacks Tracked as CVE-2025-9242 (CVSS score of 9.3), the flaw leads to unauthenticated, remote code execution on vulnerable firewalls. Ionut ArghireNovember 13, 2025
Vulnerabilities CISA Warns of CWP Vulnerability Exploited in the Wild A critical vulnerability in Control Web Panel (CWP), tracked as CVE-2025-48703, allows remote, unauthenticated command execution. Eduard KovacsNovember 5, 2025
Vulnerabilities CISA Adds Exploited XWiki, VMware Flaws to KEV Catalog Broadcom has updated its advisory on CVE-2025-41244 to mention the vulnerability’s in-the-wild exploitation. Ionut ArghireOctober 31, 2025
ICS/OT CISA Warns of Exploited DELMIA Factory Software Vulnerabilities Two DELMIA Apriso flaws can be chained together to gain privileged access to the application and execute arbitrary code remotely. Ionut ArghireOctober 29, 2025
Vulnerabilities CISA Warns of Exploited Apple, Kentico, Microsoft Vulnerabilities Leading to code execution, authentication bypass, and privilege escalation, the flaws were added to CISA’s KEV list. Ionut ArghireOctober 21, 2025
Vulnerabilities CISA Confirms Exploitation of Latest Oracle EBS Vulnerability The cybersecurity agency has added CVE-2025-61884 to its Known Exploited Vulnerabilities (KEV) catalog. Eduard KovacsOctober 21, 2025