Cybersecurity Vulnerabilities
37 reports
Microsoft’s Monthly Patch - April 2026: 167 Vulnerabilities, 2 Zero-days
Microsoft's April 2026 update addresses 167 vulnerabilities, including two active zero-days: CVE-2026-32201 in SharePoint and CVE-2026-33825 in Microsoft Defender. With eight critical flaws identified, including remote code execution, administrators must prioritize these patches immediately.
Vulnerability in wolfSSL Library Enables Forged Certificate Use (CVSS 9.3)
wolfSSL disclosed a critical signature verification vulnerability. This flaw allows attackers to bypass cryptographic trust mechanisms and forge digital identities. Organizations should update to version 5.9.1 to prevent unauthorized access.
Marimo Pre-authentication Remote Code Execution Flaw Now Under Active Exploitation (CVSS 9.3)
Marimo disclosed a critical remote code execution vulnerability. This flaw allows unauthenticated attackers to gain root access via the terminal WebSocket endpoint. Enterprises must immediately update to version 0.23.0 to protect sensitive AI workloads.
Fortinet Patches Actively Exploited Vulnerability in FortiClient Endpoint Management System (CVSS 9.8)
Fortinet disclosed a critical zero-day vulnerability in FortiClient EMS. This flaw allows unauthenticated attackers to bypass authentication and execute commands. Enterprises are advised to update to version 7.4.7 immediately to prevent full system compromise.
Threat Actor Exploit Critical Flaw in Ninja Forms WordPress plugin (CVSS 9.8)
Ninja Forms disclosed a critical file upload vulnerability. This flaw allows unauthenticated attackers to upload malicious scripts and achieve remote code execution. Enterprises are advised to immediately update the plugin to version 3.3.27 or later.
Max Severity Flowise Remote Code Execution Vulnerability Exploited in Attacks (CVSS 10.0)
Flowise disclosed a maximum severity remote code execution vulnerability. This flaw allows unauthenticated attackers to inject malicious scripts, leading to full system takeover. Enterprises are advised to immediately update to version 3.1.1 to mitigate risk.
CISA Urges Immediate Patching of Actively Exploited NetScaler Vulnerability (CVSS 9.3)
The Cybersecurity and Infrastructure Security Agency (CISA) is urging federal agencies to patch a critical vulnerability in Citrix NetScaler appliances. This flaw allows unauthorized actors to steal sensitive data. Security experts warn that thousands of systems remain exposed to this threat.
CISA Warns of Actively Exploited Vulnerability in Langflow AI Workflows (CVSS 9.3)
The Cybersecurity and Infrastructure Security Agency (CISA) warns that threat actors are actively exploiting a critical vulnerability within the Langflow framework. This flaw allows unauthorized individuals to execute remote code and harvest sensitive credentials from AI workflows.
Oracle Releases Patch for Vulnerability in Identity Manager and Web Services Manager (CVSS 9.8)
Oracle released an urgent security update to address a critical remote code execution vulnerability affecting its identity and web services platforms. This flaw allows unauthorized actors to seize control of enterprise systems. Organizations are advised to apply the provided patch immediately.
Patch Now: Account Takeover Vulnerability in Ubiquiti Unifi (CVSS 10.0)
Ubiquiti has disclosed a maximum severity security flaw in its network management software. This directory navigation vulnerability allows unauthorized actors to bypass restrictions and seize full control of systems. Administrators are advised to update all platforms immediately.
CISA Urges Immediate Patching of Actively Exploited NetScaler Vulnerability (CVSS 9.3)
The Cybersecurity and Infrastructure Security Agency (CISA) is urging federal agencies to patch a critical vulnerability in Citrix NetScaler appliances. This flaw allows remote actors to steal sensitive data from memory. Organizations must update systems immediately to prevent active exploitation.
NVIDIA Releases Patches for Vulnerability that Enables RCE and DoS Attacks (CVSS 9.0)
NVIDIA has issued critical security updates to address a severe vulnerability within its enterprise artificial intelligence software infrastructure. This flaw enables remote command execution and system disruption. Organizations are advised to apply these patches immediately.
Apple Patches Critical “Coruna” Exploits on Older Devices
Apple released critical patches for older iOS and iPadOS devices to address vulnerabilities exploited by the Coruna kit. These flaws allow threat actors to bypass security and gain total device control. Active exploitation has been confirmed, targeting sensitive data and crypto wallets.
Multiple Remove Code Execution Vulnerabilities Expose Veeam Backup Servers to Takeover (CVSS 9.9)
Veeam disclosed four critical remote code execution vulnerabilities in its Backup and Replication platform, carrying a high severity score of 9.9. These flaws allow low-privileged users to gain total control of backup servers, posing a significant risk of ransomware attacks and data loss.
Update Now: Google Patches Two Zero-Day Flaw Exploited in the Wild (CVSS 8.8)
Google disclosed two zero-day vulnerabilities in the Chrome Skia and V8 engines. These flaws allow remote code execution via malicious webpages. With active exploitation confirmed, organizations must immediately update Chromium-based browsers to prevent unauthorized system access.
Microsoft’s Monthly Patch – March 2026: 79 Vulnerabilities, Two Zero-days
Microsoft released its March 2026 update, patching 79 vulnerabilities including two zero-days. A critical remote code execution flaw in the Microsoft Devices Pricing Program, carrying a severity score of 9.8, highlights the release. Adobe, Cisco, and Fortinet also issued security patches.
Dormant RESURGE Malware Actively Targeting Ivanti Devices
A critical zero-day vulnerability in Ivanti VPN appliances allows remote attackers to gain full system control. State-sponsored actors are using RESURGE malware to maintain hidden, persistent access.
Malicious Chrome Extensions Exploit Gemini AI Browser Panel to Access Cameras and Files
A high-severity vulnerability in Google Chrome allows malicious browser extensions to hijack the Gemini panel. This flaw grants attackers access to cameras, microphones, and local files. Enterprises must ensure all endpoints are updated to Chrome version 143.0.7499.192 or later to mitigate risks.
ClawJacked: Critical Zero-Click Vulnerability in OpenClaw AI Agents
The "ClawJacked" vulnerability in OpenClaw allows remote attackers to hijack local AI agents via malicious websites. This zero-click exploit grants full control over developer environments, including file exfiltration and system commands. Organizations must update to version 2026.2.25.
Exploited Zero-Day Flaw in Windows MSHTML Framework
A zero-day vulnerability in Microsoft HTML allows attackers like APT28 to bypass security warnings and execute code via malicious files. Exploited in the wild, this flaw targets Windows systems. Organizations are advised to apply the February 2026 security updates immediately to mitigate risk.
Dormant RESURGE Malware Actively Targeting Ivanti Devices
A critical zero-day in Ivanti VPNs allows remote attackers to gain full system control via RESURGE malware. State-sponsored actors use this to maintain hidden persistence. Standard patches are insufficient; organizations are advised to use specialized tools to detect the threat.
Angular SSR Vulnerability Enables Unauthorized Server Requests
A critical SSRF vulnerability in the Angular SSR framework allows attackers to redirect internal traffic and exfiltrate sensitive data. With a CVSS of 9.2, this flaw enables private network probing. Organizations are advised to immediately update to Angular version 19.2.21 or higher.
CISA Mandates Patch for Actively Exploited FileZen Vulnerability
A command injection vulnerability in Soliton Systems FileZen allows authenticated users to execute malicious commands. CISA confirmed active exploitation, adding it to the KEV catalog. Organizations are advised to update to version 5.0.11 or later to prevent full system compromise.
SolarWinds Serv-U Software Vulnerable to Administrative-Level Compromise
SolarWinds disclosed four critical vulnerabilities in its Serv-U platform, allowing attackers to execute commands with administrator privileges. With a CVSS of 9.1, these flaws pose a severe risk. Organizations are advised to update to version 15.5.4 immediately.
Public Exploit Released for Privilege Escalation Vulnerability in Windows Error Reporting
A privilege escalation vulnerability in Windows Error Reporting allows low-level users to gain administrative control. With a public exploit available, the risk to Windows 10, 11, and Server environments is high. Organizations are advised to apply the January 2026 security updates immediately.
Honeywell CCTV Authentication Bypass Flaw (CVSS 9.8)
A critical authentication bypass vulnerability in Honeywell CCTV cameras allows remote attackers to perform full account takeovers by manipulating password recovery APIs. With a severity score of 9.8, the flaw enables unauthorized surveillance, network pivoting, and physical security breaches.
Microsoft’s Monthly Patch February 2026: 58 Vulnerabilities, 6 Zero-days, and Infinite Restart Loop Issue Reported
The February update from Microsoft addresses fifty eight vulnerabilities including six critical zero day threats. While this release secures the Windows Shell and Microsoft Office Word from active exploits, some users report restart errors. Immediate installation is advised to protect systems.
Apple Patches First Zero-Day of 2026: Targeted Attacks Confirm Active Exploit (CVSS 7.8)
Apple disclosed a critical zero-day memory corruption flaw in its dynamic linker service, affecting iPhones, iPads, and Macs. The vulnerability allows attackers to bypass security gatekeepers and execute malicious code at the core operating system level.
Update Now: Google Patches Zero-Day Flaw Exploited in the Wild (CVSS 8.8)
Google disclosed a high-severity "use after free" vulnerability in the Chrome CSS engine. The flaw allows remote code execution via malicious webpages. With active exploitation confirmed, immediate updates are required for all Chromium-based browsers.
Two RCE Vulnerabilities in Automation Platform n8n Disclosed (CVSS 9.9 and 8.5)
The workflow automation platform n8n disclosed two critical RCE vulnerabilities. These flaws allow authenticated users to escape sandboxes and execute commands on the host server, risking credential theft and infrastructure-level control across connected services.
Sandbox Escape Vulnerability Found in vm2 NodeJS Library (CVSS 9.8)
A critical sandbox escape vulnerability was disclosed in the vm2 NodeJS library, carrying a CVSS of 9.8. The flaw allows attackers to bypass restricted environments to execute commands, install malware, and steal credentials, impacting software supply chain security.
Russian APT28 Exploiting Recently Patched Microsoft Office Flaw
Russian state-sponsored group APT28 is exploiting a Microsoft Office vulnerability to target government and defense sectors. This "Operation Neusploit" uses compromised documents to bypass security checks, deploying malware for long-term intelligence gathering and data theft.
Critical Takeover Attack Vulnerability in n8n Platform Disclosed (CVSS 10.0)
A critical authentication bypass vulnerability in n8n, dubbed "Ni8mare," allows unauthenticated attackers to achieve full remote code execution. With a maximum CVSS score of 10.0, the flaw enables attackers to weaponize workflows, steal credentials, and compromise connected services.
Critical Cisco Zero-Day Patched After Active Espionage Campaign
Cisco released urgent patches for a maximum-severity zero-day vulnerability in its Secure Email Gateway. Actively exploited by China-linked threat actors, the CVSS 10.0 flaw allows unauthenticated root-level command execution, enabling full device takeover and persistent network access.
China‑Linked Hackers Target North American Critical Infrastructure via Sitecore Zero‑Day
Cisco Talos reports that China-linked group UAT-8837 is exploiting a critical zero-day vulnerability in Sitecore CMS to breach North American critical infrastructure. The group uses insecure configurations to bypass controls, establish long-term persistence, and monitor operational plans.
Latest Microsoft Patch Released – January 2026 -114 Vulnerabilities, 3 Zero-days, and Operational Disruptions Reported
Microsoft's January 2026 update addresses 114 vulnerabilities, including three zero-days, most notably a memory leak in Desktop Windows Manager. Despite critical fixes, the rollout has caused operational disruptions, including Outlook freezes and Windows 11 shutdown failures.
KimWolf Botnet Reportedly Compromised 2 Million Android-based Streaming Devices
The "Kimwolf" campaign has compromised over two million Android streaming devices, primarily off-brand TV boxes, to build a global botnet. These infected devices facilitate DDoS attacks, credential stuffing, and bandwidth theft, often arriving pre-infected or compromised minutes after setup.