Tag: exploit
-
LiteSpeed cPanel Plugin 0-Day Exploited for Server Root Access
A critical zero-day privilege escalation vulnerability in the LiteSpeed User-End cPanel plugin is being actively exploited in the wild, enabling any authenticated cPanel user to execute arbitrary scripts as root and gain full server control. Tracked as CVE-2026-48172 with a maximum CVSS score of 10.0, the flaw has been patched as of May 21, 2026. The root cause is a logic…
-
LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild.The flaw, tracked as CVE-2026-48172 (CVSS score: 10.0), relates to an instance of incorrect privilege assignment that an attacker could abuse to run arbitrary scripts with elevated permissions.”Any cPanel user (including an attacker or a compromised account) may First…
-
Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The vulnerability in question is CVE-2026-9082 (CVSS score: 6.5), an SQL injection vulnerability affecting all supported versions of Drupal Core.”Drupal Core First seen on…
-
CISA adds Trend Micro Apex One and Langflow flaws to exploited vulnerabilities catalog
First seen on scworld.com Jump to article: www.scworld.com/brief/cisa-adds-trend-micro-apex-one-and-langflow-flaws-to-exploited-vulnerabilities-catalog
-
‘Underminr’ exploitation poses similar risks to domain fronting, researchers say
First seen on scworld.com Jump to article: www.scworld.com/news/underminr-exploitation-poses-similar-risks-to-domain-fronting-researchers-say
-
‘Underminr’ exploitation poses similar risks to domain fronting, researchers say
First seen on scworld.com Jump to article: www.scworld.com/news/underminr-exploitation-poses-similar-risks-to-domain-fronting-researchers-say
-
Attackers exploit SonicWall VPN vulnerability to bypass MFA
First seen on scworld.com Jump to article: www.scworld.com/brief/attackers-exploit-sonicwall-vpn-vulnerability-to-bypass-mfa
-
Organizations knowingly ship vulnerable code amid shrinking exploit windows
First seen on scworld.com Jump to article: www.scworld.com/brief/organizations-knowingly-ship-vulnerable-code-amid-shrinking-exploit-windows
-
RondoDox Botnet Exploits 2018 Flaw in Asus Routers
Botnet Operators Execute First Known Exploit of Nearly Decade-Old Flaw. Operators behind a botnet picked up on a nearly decade-old flaw in Asus routers allowing an unauthenticated attacker to achieve remote code execution as a root user. VulnCheck began observing exploitation of the Asus vulnerability on May 17. First seen on govinfosecurity.com Jump to article:…
-
RondoDox Botnet Exploits 2018 Flaw in Asus Routers
Botnet Operators Execute First Known Exploit of Nearly Decade-Old Flaw. Operators behind a botnet picked up on a nearly decade-old flaw in Asus routers allowing an unauthenticated attacker to achieve remote code execution as a root user. VulnCheck began observing exploitation of the Asus vulnerability on May 17. First seen on govinfosecurity.com Jump to article:…
-
Terra Security expands platform to include network infrastructure exploitation validation
First seen on scworld.com Jump to article: www.scworld.com/brief/terra-security-expands-platform-to-include-network-infrastructure-exploitation-validation
-
Drupal releases emergency security update amid exploit concerns
First seen on scworld.com Jump to article: www.scworld.com/brief/drupal-releases-emergency-security-update-amid-exploit-concerns
-
Verizon DBIR 2026: Vulnerability exploits top initial access as patching coverage falls
First seen on scworld.com Jump to article: www.scworld.com/news/verizon-dbir-2026-vulnerability-exploits-top-initial-access-as-patching-coverage-falls
-
Trend Micro warns of Apex One zero-day exploited in the wild
Japanese cybersecurity software company Trend Micro has addressed an Apex One zero-day vulnerability exploited in attacks targeting Windows systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/trend-micro-warns-of-apex-one-zero-day-exploited-in-attacks/
-
Drupal: Critical SQL injection flaw now targeted in attacks
Drupal is warning that hackers are attempting to exploit a “highly critical” SQL injection vulnerability announced earlier this week. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/drupal-critical-sql-injection-flaw-now-targeted-in-attacks/
-
Hackers Exploit Middle East Telecoms for Massive C2 Operations
Hackers are increasingly abusing Middle East telecommunications networks and hosting providers to operate large-scale command-and-control (C2) infrastructure. The findings highlight a strategic shift away from disposable indicators toward infrastructure-level tracking, allowing defenders to identify persistent patterns behind cyber operations rather than reacting to constantly changing indicators of compromise. The dataset reveals that C2 infrastructure dominates…
-
Google’s Exploit Code Release Raises Concern Over Unfixed Chromium Security Bug
Google’s recent release of proof-of-concept (PoC) exploit code for a still-unpatched Chromium vulnerability has sparked significant concern across the cybersecurity community. The flaw, first reported in late 2022 by security researcher Lyra Rebane, remains unresolved after more than three years, exposing millions of users of Chromium-based browsers such as Google Chrome, Microsoft Edge, Brave, and…
-
Ubiquiti patches three max severity UniFi OS vulnerabilities
Ubiquiti has released security updates to patch three maximum severity vulnerabilities in Unify OS that can be exploited by remote attackers without privileges. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ubiquiti-patches-three-max-severity-unifi-os-vulnerabilities/
-
CISA Adds Langflow Origin Validation Flaw to Known Exploited Vulnerabilities Catalog
Tags: ai, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, risk, tool, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Langflow vulnerability, tracked as CVE-2025-34291, to its Known Exploited Vulnerabilities (KEV) Catalog, highlighting active exploitation risks and urging immediate remediation. The vulnerability stems from an origin validation flaw in Langflow, a popular tool used for building and orchestrating AI-driven workflows. According to CISA,…
-
Popular npm Package “art-template” Backdoored in Watering-Hole Attack
Hackers compromised the popular art-template npm package to inject a stealthy backdoor that redirected users’ browsers to a malicious watering”‘hole site delivering a Coruna”‘class iOS exploit framework. The campaign turned a widely used JavaScript templating library into a delivery vehicle for advanced Safari exploits targeting iPhones running iOS 11 through 17.2. The art-template package is…
-
Hackers Use Six-Layer Persistence on FreePBX Systems
Hackers are actively exploiting FreePBX systems using a highly resilient six-layer persistence mechanism. The campaign has been attributed with high confidence to the threat actor INJ3CTOR3, known for targeting VoIP infrastructure for financial gain since 2019. The operation deploys a multi-stage Bash dropper that installs a previously undocumented PHP webshell family named JOMANGY, alongside the…
-
CISA Issues Alert on Exploited Microsoft Defender Zero-Day Vulnerabilities
CISA has issued an urgent alert warning organizations about two newly disclosed zero-day vulnerabilities affecting Microsoft Defender, both added to the Known Exploited Vulnerabilities (KEV) catalog on May 20, 2026. CVE-2026-45498: Microsoft Defender DoS Vulnerability CVE-2026-45498 is a denial-of-service (DoS) vulnerability in Microsoft Defender that can cause the security service to stop functioning. An attacker…
-
U.S. CISA adds Trend Micro Apex One and Langflow to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Trend Micro Apex One and Langflow flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)added Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2025-34291(CVSS score of 9.4) is…
-
Microsoft Patches Actively Exploited Defender Vulnerabilities Affecting Enterprise Systems
Microsoft has confirmed active exploitation of two security vulnerabilities in its security ecosystem, identified as CVE-2026-41091 and CVE-2026-45498, both evaluated under the CVSS scoring system. The issues affect Microsoft Defender and have raised concerns due to confirmed in-the-wild exploitation and potential impact on enterprise systems. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cve-2026-41091-cve-2026-45498-cvss-exploit/
-
Microsoft Patches Actively Exploited Defender Vulnerabilities Affecting Enterprise Systems
Microsoft has confirmed active exploitation of two security vulnerabilities in its security ecosystem, identified as CVE-2026-41091 and CVE-2026-45498, both evaluated under the CVSS scoring system. The issues affect Microsoft Defender and have raised concerns due to confirmed in-the-wild exploitation and potential impact on enterprise systems. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cve-2026-41091-cve-2026-45498-cvss-exploit/
-
Microsoft Patches Actively Exploited Defender Vulnerabilities Affecting Enterprise Systems
Microsoft has confirmed active exploitation of two security vulnerabilities in its security ecosystem, identified as CVE-2026-41091 and CVE-2026-45498, both evaluated under the CVSS scoring system. The issues affect Microsoft Defender and have raised concerns due to confirmed in-the-wild exploitation and potential impact on enterprise systems. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cve-2026-41091-cve-2026-45498-cvss-exploit/
-
CISA’s new KEV nomination form opens reporting to vendors and researchers
The Cybersecurity and Infrastructure Security Agency launched a new nomination form that lets researchers, vendors, and industry partners report known exploited … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/22/cisa-kev-nomination-form/
-
FBI Warns Kali365 PhaaS Platform Targets Microsoft 365 Users to Steal Logins
The U.S. Federal Bureau of Investigation (FBI) has issued a Public Service Announcement (Alert I-052126-PSA) warning about a newly identified Phishing-as-a-Service (PhaaS) platform named Kali365, which is actively targeting Microsoft 365 users. First observed in April 2026, the platform enables attackers to bypass multi-factor authentication (MFA) by exploiting OAuth-based authentication flows. Kali365 PhaaS Platform Targets Microsoft…
-
CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Langflow and Trend Micro Apex One to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The vulnerabilities in question are listed below – CVE-2025-34291 (CVSS score: 9.4) – An origin validation error vulnerability in Langflow that could First…