ICS/OT Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks The vulnerability was disclosed and mitigated in 2021 but its in-the-wild exploitation has only now come to light. Eduard KovacsMarch 6, 2026
Vulnerabilities Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises Less than half of the total zero-days have been attributed to a threat actor, but spyware vendors and China are in the lead. Eduard KovacsMarch 5, 2026
Vulnerabilities Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild The networking giant has added the recently patched CVE-2026-20128 and CVE-2026-20122 to the list of exploited vulnerabilities. Eduard KovacsMarch 5, 2026
Vulnerabilities VMware Aria Operations Vulnerability Exploited in the Wild The recently patched CVE-2026-22719 can be exploited by an unauthenticated attacker for remote code execution. Eduard KovacsMarch 4, 2026
Mobile & Wireless Android Update Patches Exploited Qualcomm Zero-Day An integer overflow or wraparound in the Qualcomm graphics component, the bug leads to memory corruption. Ionut ArghireMarch 3, 2026
Vulnerabilities 900 Sangoma FreePBX Instances Infected With Web Shells The attacks exploited a post-authentication command injection vulnerability in the endpoint manager’s interface. Ionut ArghireFebruary 27, 2026
Malware & Threats Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers Already added to CISA’s KEV catalog, the flaw allows attackers to bypass authentication and gain administrative privileges. Ionut ArghireFebruary 26, 2026
Nation-State Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs The vulnerability in TeamT5 ThreatSonar Anti-Ransomware was recently added to CISA’s KEV catalog. Eduard KovacsFebruary 24, 2026
Email Security Recent RoundCube Webmail Vulnerability Exploited in Attacks Patched in December 2025, the exploited flaw leads to XSS attacks via the animate tags in SVG documents. Ionut ArghireFebruary 23, 2026
Ransomware BeyondTrust Vulnerability Exploited in Ransomware Attacks CISA has updated its KEV entry for CVE-2026-1731 to alert organizations of exploitation in ransomware attacks. Eduard KovacsFebruary 20, 2026
Malware & Threats Ivanti Exploitation Surges as Zero-Day Attacks Traced Back to July 2025 Security researchers have seen the vulnerabilities being exploited to deliver shells, conduct reconnaissance, and download malware. Eduard KovacsFebruary 19, 2026
Vulnerabilities CISA: Hackers Exploiting Vulnerability in Product of Taiwan Security Firm TeamT5 The vulnerability added to CISA’s KEV catalog affects ThreatSonar Anti-Ransomware and it was patched in 2024. Eduard KovacsFebruary 18, 2026
Malware & Threats Dell RecoverPoint Zero-Day Exploited by Chinese Cyberespionage Group GTIG and Mandiant said the zero-day tracked as CVE-2026-22769 has been exploited by UNC6201 since at least 2024. Eduard KovacsFebruary 18, 2026
Vulnerabilities Google Patches First Actively Exploited Chrome Zero-Day of 2026 A Chrome 145 update fixes CVE-2026-2441, a vulnerability that can likely be exploited for arbitrary code execution. Eduard KovacsFebruary 16, 2026
Vulnerabilities BeyondTrust Vulnerability Targeted by Hackers Within 24 Hours of PoC Release Exploitation attempts target CVE-2026-1731, a critical unauthenticated remote code execution flaw in BeyondTrust Remote Support. Eduard KovacsFebruary 13, 2026
Vulnerabilities CISA Warns of Exploited SolarWinds, Notepad++, Microsoft Vulnerabilities Disclosed at the end of January, the SolarWinds vulnerability was likely exploited as a zero-day since December 2025. Ionut ArghireFebruary 13, 2026
Vulnerabilities Apple Patches iOS Zero-Day Exploited in ‘Extremely Sophisticated Attack’ Impacting the ‘dyld’ system component, the memory corruption issue can be exploited for arbitrary code execution. Ionut ArghireFebruary 12, 2026
Vulnerabilities 6 Actively Exploited Zero-Days Patched by Microsoft With February 2026 Updates Microsoft’s Patch Tuesday updates fix roughly 60 vulnerabilities found in the company’s products. Eduard KovacsFebruary 10, 2026
Vulnerabilities Recent SolarWinds Flaws Potentially Exploited as Zero-Days Vulnerable SolarWinds Web Help Desk instances were exploited in December 2025 for initial access. Ionut ArghireFebruary 9, 2026
Ransomware SmarterTools Hit by Ransomware via Vulnerability in Its Own Product SmarterTools says customers were impacted after hackers compromised a data center used for quality control testing. Ionut ArghireFebruary 9, 2026