Tag: exploit
-
Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS
Fortinet has released out-of-band patches for a critical security flaw impacting FortiClient EMS that it said has been exploited in the wild. The vulnerability, tracked as CVE-2026-35616 (CVSS score: 9.1), has been described as a pre-authentication API access bypass leading to privilege escalation. “An improper access control vulnerability [CWE-284] in FortiClient EMS may allow an First seen…
-
U.S. CISA adds a flaw in TrueConf Client to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in TrueConf Client, tracked as CVE-2026-3502 (CVSS score of 7.8), to its Known Exploited Vulnerabilities (KEV) catalog. TrueConf is a videoconferencing platform often used in secure, offline…
-
FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616)
Defused Cyber has spotted a critical Fortinet FortiClient Endpoint Management Server (EMS) zero-day vulnerability (CVE-2026-35616) being exploited in the wild. This time … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/04/forticlient-ems-zero-day-cve-2026-35616/
-
One-Time Passcodes Are Gateway for Financial Fraud Attacks
Report Reveals Growing Trend of Fraudsters Intercepting SMS-Based Verification. Financial institutions have historically relied on one-time passcodes as a primary authentication control for their accountholders. But OTP verification is less reliable as fraudsters increasingly exploit SMS-based verification weaknesses to carry out account takeover and payment fraud schemes. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/one-time-passcodes-are-gateway-for-financial-fraud-attacks-a-31341
-
Cisco fixes critical IMC auth bypass present in many products
Tags: access, ai, api, apt, attack, authentication, cisco, computing, credentials, cybersecurity, dns, email, exploit, firewall, firmware, flaw, group, infrastructure, linux, malicious, monitoring, network, password, ransomware, risk, router, vulnerability, zero-day
The Cisco IMC is a baseboard management controller (BMC), a dedicated controller embedded into server motherboards with its own RAM and network interface that gives administrators monitoring and management capabilities as if they were physically connected to the server with a keyboard, monitor, and mouse (KVM). Because BMCs run…
-
Security lapse lets researchers view React2Shell hackers’ dashboard
Tags: access, attack, breach, credentials, data-breach, exploit, hacker, Internet, risk, update, vulnerability
Industrial scale: “This is all about neglect and efficiency,” Gene Moody, field CTO at patch management provider Action1, told CSO. “React2Shell quickly met all the criteria attackers look for: public disclosure, reliable exploitation, and internet-facing exposure. That combination effectively guaranteed widespread abuse. Since then, multiple campaigns have automated the full [attack] lifecycle [of], scanning,…
-
CISA gives agencies two weeks to patch video conferencing bug exploited by Chinese hackers
A bug in a popular line of video conferencing software is being exploited by hackers, prompting the U.S. government to order all agencies to patch the vulnerability within two weeks. First seen on therecord.media Jump to article: therecord.media/trueconf-cyberattack-cisa-hackers
-
Ukraine warns Russian hackers are revisiting past breaches to prepare new attacks
Tags: access, attack, breach, credentials, exploit, hacker, infrastructure, russia, ukraine, vulnerability
In a new report, CERT-UA said attackers are revisiting previously breached infrastructure to check whether access is still available, whether exploited vulnerabilities have been patched and whether previously obtained credentials remain valid. First seen on therecord.media Jump to article: therecord.media/ukraine-warns-russian-hackers-revisiting-old-attacks
-
14,000+ F5 BIG-IP APM Instances Exposed Online as Attackers Exploit RCE Vulnerability
Tags: access, attack, cve, cyber, cybersecurity, data-breach, exploit, flaw, Internet, network, rce, remote-code-execution, vulnerability
Cybersecurity researchers have identified a massive attack surface involving F5 BIG-IP Access Policy Manager (APM) devices. Following a critical severity upgrade to a recently disclosed flaw, over 17,100 instances are currently exposed to the internet, leaving enterprise networks vulnerable to full system takeovers.
The Escalation of CVE-2025-53521
The vulnerability, tracked as CVE-2025-53521, was initially classified…
-
Claude Code source leak exploited to spread malware
A source code leak involving Anthropic’s Claude Code tool quickly escalated into a cybersecurity threat, as attackers seized on the exposed files to lure developers into … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/03/claude-code-leak-github-malware/
-
CISA Includes TrueConf Security Flaw in KEV Catalog After Exploitation in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the TrueConf Client to its Known Exploited Vulnerabilities (KEV) catalog. This addition follows clear evidence that threat actors are actively exploiting the bug in real-world attacks.
The Vulnerability (CVE-2026-3502)
Tracked as CVE-2026-3502, the flaw is categorized as a “Download of…
-
Trusted Platforms Exploited to Steal Philippine Banking Credentials
Hackers are increasingly exploiting trusted online platforms to launch sophisticated phishing campaigns targeting bank users in the Philippines. Despite ongoing improvements in email security, phishing remains one of the most effective attack methods due to its scalability and ease of deployment. The campaign, active since early 2024 and still evolving in 2026, primarily targets customers…
-
The Cyber Express Weekly Roundup: Ransomware, and Supply Chain Breaches Surge
In this week’s weekly roundup, The Cyber Express delivers a concise overview of the latest cybersecurity news, highlighting major cyberattacks, new ransomware risks, and supply chain vulnerabilities. Organizations across industries continue to face a surge in modern cyber threats, ranging from targeted breaches to large-scale exploitation campaigns that disrupt operations and expose sensitive data. First seen on…
-
Cryptohack Roundup: Charges in Uranium Finance Case
Also: Chinese Firms Indicted in Crypto-Linked Fentanyl Supply Case. This week, charges filed in Uranium Finance hack, indictment of Chinese firms in fentanyl supply case, a class action lawsuit against Nvidia, Drift Protocol exploit, KuCoin operational barriers in the United States and a U.K. sanction filed against Xinbi. First seen on govinfosecurity.com Jump to article:…
-
Breach Roundup: Feds Confirm ‘Major’ Hack of FBI System
Also, Lloyds Data Leak, Dutch Treasury Breach, Citrix Bug Exploit, Pay2Key Activity. This week, Lloyds data leak hits 450K, Dutch treasury breach, Citrix flaw exploited, Iran-linked ransomware ops, TrueConf zero-day, Russian fraud ring sentenced, Romania targeted, patch gaps persist, and U.S. hospital breach affects 257K. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-feds-confirm-major-hack-fbi-system-a-31329
-
Claude Code leak used to push infostealer malware on GitHub
Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar information-stealing malware. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/claude-code-leak-used-to-push-infostealer-malware-on-github/
-
Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials
A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services (AWS) secrets, shell command history, Stripe API keys, and GitHub tokens at scale. Cisco Talos has attributed the operation to a threat cluster it tracks as First seen on…
-
Patch Now: Chrome Flaw Under Active Attack, Google Confirms
Google patches 21 Chrome vulnerabilities, including an actively exploited zero-day flaw that could enable code execution and full device compromise. The post Patch Now: Chrome Flaw Under Active Attack, Google Confirms appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-chrome-zero-day-cve-2026-5281-active-exploit/
-
Apple Issues Rare Patch: Up to 270M iPhones Could Be Vulnerable to ‘DarkSword’ Exploit
Apple issues a rare iOS 18 security patch as the DarkSword exploit threatens up to 270 million iPhones, marking a shift in its long-standing update policy. The post Apple Issues Rare Patch: Up to 270M iPhones Could Be Vulnerable to ‘DarkSword’ Exploit appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-apple-ios-18-darksword-exploit-security-patch/
-
Critical flaw in F5 BIG-IP faces wide exploitation risk
The company revised a security advisory as newly disclosed information heightens the potential impact. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/critical-flaw-in-f5-big-ip-faces-wide-exploitation-risk/816475/
-
ICE says it bought Paragon’s spyware to use in drug trafficking cases
The acting director of U.S. Immigration and Customs Enforcement told lawmakers that the use of Paragon spyware is necessary to counter terrorists’ “thriving exploitation of encrypted communications platforms.” First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/02/ice-says-it-bought-paragons-spyware-to-use-in-drug-trafficking-cases/
-
Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise
Cisco has released updates to address a critical security flaw in the Integrated Management Controller (IMC) that, if successfully exploited, could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system with elevated privileges. The vulnerability, tracked as CVE-2026-20093, carries a CVSS score of 9.8 out of a maximum of 10.0. “This First…
-
Apple expands “DarkSword” patches to iOS 18.7.7
Apple has quietly expanded patches against the vulnerabilities in the DarkSword exploit kit to include iOS and iPadOS 18.7.7. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/apple-expands-darksword-patches-to-ios-18-7-7/
-
Apple Expands iOS 18 Security Updates Amid DarkSword Threat
iOS/iPadOS 18.7.7 updates expanded to protect older devices from DarkSword web exploit kit. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/apple-ios-18-updates-darksword/
-
Adversaries Exploit Vacant Homes to Intercept Mail in Hybrid Cybercrime
Threat actors are exploiting vacant homes as “drop addresses” to intercept mail and enable fraud. Flare shows how postal services and fake identities are abused to turn mail into a fraud vector. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/adversaries-exploit-vacant-homes-to-intercept-mail-in-hybrid-cybercrime/

