Vulnerabilities Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026 The zero-day, tracked as CVE-2026-20182, has been exploited in targeted attacks by a sophisticated threat actor identified as UAT-8616. Eduard KovacsMay 15, 2026
Artificial Intelligence Hackers Targeted PraisonAI Vulnerability Hours After Disclosure The first exploitation attempts were observed less than four hours after the authentication bypass was publicly disclosed. Ionut ArghireMay 14, 2026
Vulnerabilities Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks CVE-2026-6973 is a high-severity vulnerability that allows an attacker who has admin privileges to execute arbitrary code. Eduard KovacsMay 8, 2026
Nation-State Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking The cybersecurity firm has not explicitly accused China of being behind the attack, but the evidence suggests it was. Eduard KovacsMay 7, 2026
Vulnerabilities Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls CVE-2026-0300 affects the Captive Portal service of PAN-OS software on PA and VM series firewalls. Eduard KovacsMay 6, 2026
Vulnerabilities MetInfo, Weaver E-cology Vulnerabilities in Attackers’ Crosshairs The security defects allow unauthenticated, remote attackers to execute arbitrary code through crafted requests. Ionut ArghireMay 5, 2026
Endpoint Security Exploitation of ‘Copy Fail’ Linux Vulnerability Begins CISA has added the bug to its KEV list, and Microsoft has observed limited exploitation, mainly associated with PoC testing. Ionut ArghireMay 4, 2026
Vulnerabilities Over 40,000 Servers Compromised in Ongoing cPanel Exploitation The attacks likely target CVE-2026-41940, a recently patched zero-day leading to administrative access. Ionut ArghireMay 4, 2026
Vulnerabilities Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months The authentication bypass flaw allows attackers to gain administrative access to vulnerable servers. Ionut ArghireApril 30, 2026
Vulnerabilities Incomplete Windows Patch Opens Door to Zero-Click Attacks The initial vulnerability was exploited by Russia-linked APT28 in attacks against Ukraine and EU countries. Ionut ArghireApril 27, 2026
Vulnerabilities Recent Microsoft Defender Vulnerability Exploited as Zero-Day The flaw allows attackers to access the SAM database, extract NTLM hashes, and gain System privileges. Ionut ArghireApril 23, 2026
Vulnerabilities Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities CISA expanded the KEV catalog with eight flaws, but five of them have been flagged as exploited before. Ionut ArghireApril 21, 2026
Vulnerabilities Hackers Fail to Exploit Flaw in Discontinued TP-Link Routers In-the-wild exploitation has been ongoing for a year, but no successful payload execution has been observed. Ionut ArghireApril 20, 2026
Vulnerabilities Recent Apache ActiveMQ Vulnerability Exploited in the Wild The remote code execution vulnerability tracked as CVE-2026-34197 came to light in early April. Eduard KovacsApril 17, 2026
Vulnerabilities Exploited Vulnerability Exposes Nginx Servers to Hacking Hackers are exploiting CVE-2026-33032, a critical remote takeover vulnerability in the Nginx UI management tool. Eduard KovacsApril 15, 2026
Vulnerabilities Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities Experts say this is the second-largest Microsoft Patch Tuesday ever based on CVE count. Eduard KovacsApril 14, 2026
Vulnerabilities Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities The security defects allow attackers to escalate privileges and execute arbitrary code remotely. Ionut ArghireApril 14, 2026
Vulnerabilities Adobe Patches Reader Zero-Day Exploited for Months The vulnerability is tracked as CVE-2026-34621 and Adobe has confirmed that it can be exploited for arbitrary code execution. Eduard KovacsApril 12, 2026
Vulnerabilities Critical Marimo Flaw Exploited Hours After Public Disclosure Within nine hours, a hacker built an exploit from the unauthenticated bug’s advisory and started using it in the wild. Ionut ArghireApril 10, 2026
Vulnerabilities Adobe Reader Zero-Day Exploited for Months: Researcher Reputable researcher Haifei Li has come across what appears to be a PDF designed to exploit an unpatched vulnerability. Eduard KovacsApril 9, 2026