Tag: exploit
-
Maximum Severity Cisco SD-WAN Bug Exploited in the Wild
This is the second time this year a threat actor has leveraged a CVSS 10.0 vulnerability in Cisco’s network control system. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/maximum-severity-cisco-sd-wan-bug-exploited
-
Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
Hackers are leveraging a critical authentication bypass vulnerability in the WordPress plugin Burst Statistics to obtain admin-level access to websites. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-exploit-auth-bypass-flaw-in-burst-statistics-wordpress-plugin/
-
Meet Fragnesia, the third Linux kernel vulnerability in a month
Tags: access, control, exploit, framework, least-privilege, linux, mfa, mitigation, monitoring, password, service, switch, update, vulnerability
CSO. “It is bypassing traditional filesystem permissions that are present and enforced (for example, ‘file is owned by root’, or ‘file is read-only’) to allow manipulation without touching the disk.” Similar to Dirty Frag, Fragnesia (CVE-2026-46300) is a local privilege escalation hole that exploits a vulnerability in the XFRM ESP-in-TCP subsystem to achieve a memory write…
-
Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks
Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was actively exploited in zero-day attacks that allowed attackers to gain administrative privileges on compromised devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-warns-of-new-critical-sd-wan-flaw-exploited-in-zero-day-attacks/
-
U.S. CISA adds a flaw in Cisco Catalyst SD-WAN to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Cisco Catalyst SD-WAN to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in Cisco Catalyst SD-WAN, tracked as CVE-2026-20182 (CVSS score of 10.0), to its Known Exploited Vulnerabilities (KEV) catalog. Cisco fixed CVE-2026-20182, a flaw in SD-WAN control…
-
Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
On the first day of Pwn2Own Berlin 2026, security researchers collected $523,000 in cash awards after exploiting 24 unique zero-days. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/windows-11-and-microsoft-edge-hacked-on-first-day-of-pwn2own-berlin-2026/
-
Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
Cisco has released updates to address a maximum-severity authentication bypass flaw in Catalyst SD-WAN Controller that it said has been exploited in limited attacks. The vulnerability, tracked as CVE-2026-20182, carries a CVSS score of 10.0. “A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly First seen…
-
Zero-day exploit completely defeats default Windows 11 BitLocker protections
It’s not entirely clear how the exploit works. Microsoft says it’s investigating. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/05/zero-day-exploit-completely-defeats-default-windows-11-bitlocker-protections/
-
Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities
Cisco Talos is tracking the active exploitation of CVE-2026-20182, an authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/sd-wan-ongoing-exploitation/
-
18-year-old NGINX vulnerability allows DoS, potential RCE
An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for denial of service and, under certain conditions, remote code execution. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/18-year-old-nginx-vulnerability-allows-dos-potential-rce/
-
Frontier AI models reap rapid discovery of security vulnerabilities
Security teams have just a few months before AI-driven exploitation becomes the norm, researchers warn. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/frontier-ai-rapid-discovery-security-vulnerabilities/820258/
-
FamousSparrow Targeted Oil and Gas Industry via MS Exchange Server Exploit
Bitdefender Labs reveals how the China-linked FamousSparrow hacking group targeted an Azerbaijani energy firm using ProxyNotShell, Deed RAT,… First seen on hackread.com Jump to article: hackread.com/famoussparrow-oil-gas-ms-exchange-server-exploit/
-
Chinese APT Exploits Microsoft Exchange to Breach Energy Sector Network
Chinese state-aligned hackers compromised a Microsoft Exchange server at a major energy firm. They repeatedly reused that same entry point to run a months-long espionage operation, deploying the Deed RAT and Terndoor backdoors to maintain deep access across the network. The activity is attributed with moderate-to-high confidence to FamousSparrow, a China-aligned APT cluster that overlaps…
-
PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
Threat actors have been observed attempting to exploit a recently disclosed security vulnerability in PraisonAI, an open-source multi-agent orchestration framework, within four hours of public disclosure. The vulnerability in question is CVE-2026-44338 (CVSS score: 7.3), a case of missing authentication that exposes sensitive endpoints to anyone, potentially allowing an attacker to invoke the First seen on…
-
How AI Hallucinations Are Creating Real Security Risks
AI hallucinations are introducing serious security risks into critical infrastructure decision-making by exploiting human trust through highly confident yet incorrect outputs. When an AI model lacks certainty, it doesn’t have a mechanism to recognize that. Instead, it generates the most probable response based on patterns in its training data, even if that response is inaccurate.…
-
GitLab Security Flaw Allows Cross-Site Scripting and Unauthenticated DoS
GitLab has issued an urgent security update to neutralise a massive wave of vulnerabilities. Threat actors could exploit these newly disclosed flaws to silently hijack developer sessions or completely paralyze continuous integration pipelines with unauthenticated attacks. GitLab Security Flaw On May 13, 2026, GitLab released critical patch versions 18.11.3, 18.10.6, and 18.9.7 for both its…
-
Hackers Hijack HWMonitor to Sideload Malicious DLL
Hackers are once again exploiting user trust in legitimate software, this time abusing the popular CPUID HWMonitor utility to deliver a stealthy remote access trojan. The malicious archive mimics a legitimate installer, highlighting how trusted tools remain a powerful lure for initial access. The weaponized ZIP archive, distributed via a fake download link, contains the…
-
Langflow CVE-2026-33017 Exploited to Steal AWS Keys, Deploy NATS Worker
Langflow instances left unpatched against CVE-2026-33017 are now being actively abused not just for remote code execution, but as launchpads to steal AWS keys and join a NATS-backed botnet-style worker pool dubbed “KeyHunter.” The vulnerability, now listed in CISA’s Known Exploited Vulnerabilities (KEV) catalog, affects Langflow’s public flow-building endpoint and allows arbitrary Python execution without…
-
PoC Released for 18-Year-Old NGINX Flaw Allowing Remote Code Execution
A critical vulnerability in NGINX’s source code, hidden since 2008, has finally been exposed, and a working exploit is already in the wild. Security researchers at depthfirst have publicly released a proof-of-concept (PoC) exploit demonstrating unauthenticated remote code execution (RCE) against NGINX, the world’s most popular web server, powering nearly one-third of all websites globally.…
-
Gentlemen RaaS Exploits Fortinet and Cisco Edge Devices for Initial Access
The Gentlemen ransomware-as-a-service (RaaS) operation is turning exposed Fortinet and Cisco edge devices into a fast lane into enterprise networks and doing it at scale. What began as a rising RaaS brand in mid-2025 has, by early 2026, evolved into one of the most active programs on the underground, with hundreds of victims and a…
-
Microsoft May 2026 Patch Tuesday: Many fixes, but no zero-days
Microsoft has marked May 2026 Patch Tuesday by releasing fixes for 120+ CVE-numbered vulnerabilities, none of which (for a change) are actively exploited or have been publicly … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/12/microsoft-may-2026-patch-tuesday/
-
Mistral AI SDK, TanStack Router hit in npm software supply chain attack
Tags: ai, api, attack, breach, cloud, credentials, data, data-breach, exploit, github, kubernetes, malicious, malware, network, open-source, password, router, service, software, supply-chain, switch, vulnerability
pull_request_target. This allows third-party workflows to run automatically, a way of avoiding maintainer approval fatigue, but means that the maintainer’s short-lived OIDC tokens become vulnerable to scraping. Armed with these tokens, the attackers were able to compromise the packages by injecting the malicious Mini Shai-Hulud malware, which propagated to other projects. The purpose is to steal developer…
-
AI-Built Zero-Day Nearly Powered Mass Attack
Google Says Criminals Used AI to Discover and Code Exploit. A cybercriminal group came close to launching a mass attack earlier this year, armed with a software exploit that an AI model had built from scratch, said Google researchers. Google said it worked with the affected vendor to patch the flaw before an attack could…

