Tag: cve
-
Attackers exploit Ivanti EPMM zero-days to seize control of MDM servers
Patch, but verify first: Unit 42 directed organizations to Ivanti’s security advisory for remediation guidance, which recommends applying version-specific RPM patches for EPMM 12.x branches that require no appliance downtime. Ivanti cautioned, however, that the patch does not survive a version upgrade and must be reinstalled if the software is updated. “The permanent fix for…
-
CISA Warns of Actively Exploited Roundcube Vulnerabilities
Tags: cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, open-source, risk, threat, vulnerabilityOn February 20, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) updated its Known Exploited Vulnerabilities (KEV) Catalog by adding two critical flaws in Roundcube Webmail. These vulnerabilities, CVE-2025-49113 and CVE-2025-68461, are being actively exploited by threat actors. Roundcube, a popular open-source webmail client used by organizations worldwide, now faces heightened risks as attackers target…
-
CISA Warns of Actively Exploited Roundcube Vulnerabilities
Tags: cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, open-source, risk, threat, vulnerabilityOn February 20, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) updated its Known Exploited Vulnerabilities (KEV) Catalog by adding two critical flaws in Roundcube Webmail. These vulnerabilities, CVE-2025-49113 and CVE-2025-68461, are being actively exploited by threat actors. Roundcube, a popular open-source webmail client used by organizations worldwide, now faces heightened risks as attackers target…
-
jsPDF Flaw Exposes Millions of Developers to Object Injection
A serious security flaw in jsPDF, a widely used JavaScript library for generating PDFs in web browsers, puts millions of developers and their users at risk. CVE-2026-25755 allows attackers to perform PDF Object Injection through the library’s addJS method. This vulnerability affects countless web applications that rely on jsPDF to create dynamic PDF documents from…
-
128M Users Exposed as Popular VS Code Extensions Reveal Critical Flaws
Serious vulnerabilities in four popular Visual Studio Code (VS Code) extensions, affecting over 128 million downloads. These flaws, including three assigned CVEs CVE-2025-65715, CVE-2025-65716, and CVE-2025-65717, highlight IDEs as the weakest link in organizational supply chain security. Developers often store sensitive data like API keys, business logic, database configs, and even customer info right in…
-
Splunk Enterprise for Windows Flaw Enables DLL Hijacking, SYSTEM Access
A serious flaw in Splunk Enterprise for Windows that lets low-privileged users hijack DLL loading and escalate to SYSTEM-level access. Tracked as CVE-2026-20140, this local privilege escalation (LPE) vulnerability stems from DLL search-order hijacking and carries a CVSSv3.1 score of 7.7 (High). Splunk disclosed it on February 18, 2026, via advisory SVD-2026-0205. The issue affects…
-
CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added two security flaws impacting Roundcube webmail software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The vulnerabilities in question are listed below -CVE-2025-49113 (CVSS score: 9.9) – A deserialization of untrusted data vulnerability that allows remote code First seen on thehackernews.com…
-
Critical Security Issue Found in Windows Notepad
Microsoft patches CVE-2026-20841, a high-severity Windows Notepad flaw that could allow code execution via malicious Markdown files. The post Microsoft: Critical Security Issue Found in Windows Notepad appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/critical-windows-notepad-flaw-february-2026/
-
BeyondTrust RCE flaw now exploited in ransomware attacks
Tags: attack, cisa, cve, cybersecurity, exploit, flaw, hacker, infrastructure, ransomware, rce, remote-code-execution, vulnerabilityHackers are actively exploiting the CVE-2026-1731 vulnerability in the BeyondTrust Remote Support product, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-beyondtrust-rce-flaw-now-exploited-in-ransomware-attacks/
-
BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration
Threat actors have been observed exploiting a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products to conduct a wide range of malicious actions, including deploying VShell and The vulnerability, tracked as CVE-2026-1731 (CVSS score: 9.9), allows attackers to execute operating system commands in the context of the…
-
BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration
Threat actors have been observed exploiting a recently disclosed critical security flaw impacting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products to conduct a wide range of malicious actions, including deploying VShell and The vulnerability, tracked as CVE-2026-1731 (CVSS score: 9.9), allows attackers to execute operating system commands in the context of the…
-
Dynamic Objects in Active Directory: The Stealthy Threat
Active Directory’s “dynamic objects” feature offers attackers a perfect evasion cloak. These objects automatically self-destruct without a trace, so they allow adversaries to bypass quotas, pollute access lists, and persist in the cloud, leaving forensic investigators with nothing to analyze. Key takeaways The threat: Dynamic objects self-delete without leaving any traces, or “tombstones” in AD…
-
Real-Time Risk Detection with Automated Vulnerability Assessment Tools
The global vulnerability landscape continues to expand rapidly, with thousands of new CVEs published every year. Thus, allowing hackers to weaponize newly disclosed flaws at an instant. Public reporting and threat intelligence analyses consistently show that exploitation often begins within days, and sometimes hours, of disclosure. That reality has fundamentally changed what “vulnerability assessment tools”……
-
Chrome Zero-Day CVE-2026-2441: The CSS Trap Blog – Menlo Security
Discover why the latest Chrome zero-day (CVE-2026-2441) proves patching isn’t enough. Learn how cloud isolation secures endpoints against CSS memory exploits. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/chrome-zero-day-cve-2026-2441-the-css-trap-blog-menlo-security/
-
Hackers Exploit Critical BeyondTrust Vulnerability to Deploy VShell and SparkRAT
Hackers are actively exploiting a critical vulnerability in BeyondTrust’s remote support software to deploy the VShell backdoor and SparkRAT remote access trojan, enabling full compromise of exposed systems. The vulnerability, tracked as CVE-2026-1731, is being used in real-world attacks against multiple industries across the U.S., Europe, and Asia-Pacific. BeyondTrust is an identity and access management…
-
CVE-2026-20700 – Apple behebt Zero Day in allen Betriebssystemen
First seen on security-insider.de Jump to article: www.security-insider.de/zero-day-sicherheitsluecke-apple-betriebssysteme-a-97a952c6d6af5bc4e9297d177111889e/
-
Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center
Microsoft has disclosed a now-patched security flaw in Windows Admin Center that could allow an attacker to escalate their privileges.Windows Admin Center is a locally deployed, browser-based management tool set that lets users manage their Windows Clients, Servers, and Clusters without the need for connecting to the cloud.The high-severity vulnerability, tracked as CVE-2026-26119, carries a…
-
China-Linked Hackers Use Dell RecoverPoint Flaw to Drop GrimBolt Malware
Dell warns of a critical security hole in its RecoverPoint software exploited by hackers. Learn how to protect your data from the CVE-2026-22769 vulnerability and the new GrimBolt malware. First seen on hackread.com Jump to article: hackread.com/china-hackers-dell-recoverpoint-flaw-grimbolt-malware/
-
China’s Parallel CVE Systems Expose Alternate Vulnerability Disclosure Timeline
Beyond CVE, China’s dual vulnerability databases, CNVD and CNNVD, show that vulnerability disclosure is not a single, global, unified process but a set of parallel systems with different rules, incentives, and timelines. China runs two national vulnerability databases: CNNVD, operated under the Ministry of State Security, and CNVD, operated by CNCERT as a defender”‘focused coordination…
-
Flaws in Google and Microsoft products added to Cisa catalogue
Cisa has added six CVEs to its Kev catalogue this week, including newly disclosed issues in Google Chromium and Dell RecoverPoint for Virtual Machines, and some older flaws as well First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366639264/Flaws-in-Google-Microsoft-products-added-to-Cisa-catalogue
-
Mozilla Firefox Issues Emergency Patch for Heap Buffer Overflow in Firefox v147
Mozilla has released an out-of-band security update to address a critical vulnerability affecting its browser. The update, issued as Firefox v147.0.4, resolves a high-impact Heap buffer overflow flaw in the libvpx video codec library. The issue is tracked under CVE-2026-2447 and was identified by security researcher jayjayjazz. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/firefox-v147-cve-2026-2447/
-
Critical Grandstream VoIP Bug Highlights SMB Security Blind Spot
CVE-2026-2329 allows unauthenticated root-level access to SMB phone infrastructure, so attackers can intercept calls, commit toll fraud, and impersonate users. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/grandstream-bug-voip-security-blind-spot
-
Fed agencies ordered to patch Dell bug by Saturday after exploitation warning
Dell and Google released notices on Tuesday about CVE-2026-22769, warning that a sophisticated Chinese actor has been targeting the bug since at least mid-2024. First seen on therecord.media Jump to article: therecord.media/fed-agencies-ordered-to-patch-dell-bug-after-exploitation-warning
-
Flaws in Google, Microsoft products added to Cisa catalogue
Cisa has added six CVEs to its Kev catalogue this week, including newly-disclosed issues in Google Chromium and Dell RecoverPoint for Virtual Machines, and some older flaws as well. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366639264/Flaws-in-Google-Microsoft-products-added-to-Cisa-catalogue
-
Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution
Tags: control, cve, cvss, cybersecurity, data-breach, flaw, phone, remote-code-execution, voip, vulnerabilityCybersecurity researchers have disclosed a critical security flaw in the Grandstream GXP1600 series of VoIP phones that could allow an attacker to seize control of susceptible devices.The vulnerability, tracked as CVE-2026-2329, carries a CVSS score of 9.3 out of a maximum of 10.0. It has been described as a case of unauthenticated stack-based buffer overflow…
-
Telegram channels expose rapid weaponization of SmarterMail flaws
Underground Telegram channels shared SmarterMail exploit PoCs and stolen admin credentials within days of disclosure. Flare explains how monitoring these communities reveals rapid weaponization of CVE-2026-24423 and CVE-2026-23760 tied to ransomware activity. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/telegram-channels-expose-rapid-weaponization-of-smartermail-flaws/
-
AI Found Twelve New Vulnerabilities in OpenSSL
The title of the post is”What AI Security Research Looks Like When It Works,” and I agree: In the latest OpenSSL security release> on January 27, 2026, twelve new zero-day vulnerabilities (meaning unknown to the maintainers at time of disclosure) were announced. Our AI system is responsible for the original discovery of all twelve, each…