Tag: exploit
-
Hackers Exploit Critical Fortinet FortiSandbox Flaws in Active Attacks
Security researchers have reported active exploitation attempts targeting multiple critical vulnerabilities in Fortinet FortiSandbox appliances, raising concerns about potential compromises in enterprise security infrastructure. According to threat intelligence shared by Defused Cyber, attackers have started leveraging newly disclosed flaws, including CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089, within the last 24 hours. Critical Fortinet FortiSandbox Flaws FortiSandbox is…
-
Hackers Exploit Critical Fortinet FortiSandbox Flaws in Active Attacks
Security researchers have reported active exploitation attempts targeting multiple critical vulnerabilities in Fortinet FortiSandbox appliances, raising concerns about potential compromises in enterprise security infrastructure. According to threat intelligence shared by Defused Cyber, attackers have started leveraging newly disclosed flaws, including CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089, within the last 24 hours. Critical Fortinet FortiSandbox Flaws FortiSandbox is…
-
Microsoft Teams Relay Abused by Hackers to Hide Malicious Traffic
Tags: communications, control, cyber, exploit, hacker, infrastructure, malicious, microsoft, ransomware, threatMicrosoft Teams’ trusted infrastructure has been exploited by threat actors to secretly route malicious traffic, leading to a highly stealthy ransomware campaign attributed to the DragonForce group. Security researchers have discovered a novel technique in which attackers exploit Microsoft Teams’ TURN (Traversal Using Relays around NAT) servers to conceal command-and-control (C2) communications, making malicious activity…
-
Microsoft Teams Relay Abused by Hackers to Hide Malicious Traffic
Tags: communications, control, cyber, exploit, hacker, infrastructure, malicious, microsoft, ransomware, threatMicrosoft Teams’ trusted infrastructure has been exploited by threat actors to secretly route malicious traffic, leading to a highly stealthy ransomware campaign attributed to the DragonForce group. Security researchers have discovered a novel technique in which attackers exploit Microsoft Teams’ TURN (Traversal Using Relays around NAT) servers to conceal command-and-control (C2) communications, making malicious activity…
-
Critical Copilot vulnerability allowed hackers to seal 2FA code from users
SearchLeak exploit shows why the industry’s approach to LLM security fails over and over. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/06/critical-copilot-vulnerability-allowed-hackers-to-seal-2fa-code-from-users/
-
CVE-2026-20262: CISCO Catalyst SD-WAN Flaw Under Active Targeted Exploitation
Cisco warned that CVE-2026-20262, a Catalyst SD-WAN Manager vulnerability allowing arbitrary file writes, is being actively exploited. Cisco confirmed active exploitation of CVE-2026-20262, an arbitrary file write vulnerability affecting Catalyst SD-WAN Manager. CVE-2026-20262 (CVSS score of 6.5) is an arbitrary file write vulnerability in the web interface of Cisco Catalyst SD-WAN Manager. The flaw is…
-
CISA warns of another cPanel plugin flaw exploited in attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. government agencies three days to secure their servers against an actively exploited vulnerability (CVE-2026-54420) in the LiteSpeed cPanel user-end plugin. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-warns-of-another-actively-exploited-cpanel-plugin-flaw/
-
DragonForce Ransomware Exploited Microsoft Teams to Hide in Attack Against Major Company
Command and control traffic exploited a Teams visitor token to make malicious activity look legitimate to defenders First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/dragonforce-ransomware-hidden/
-
Chainguard, JPMorgan, BNY Team Up to Secure Open Source from AI Threats
Athena is a new an industry coalition to fix the vulnerabilities frontier AI models find before attackers can exploit them First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chainguard-bny-open-source-athena/
-
Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262)
Cisco has revealed another Catalyst SD-WAN Manager vulnerability (CVE-2026-20262) that its Product Security Incident Response Team observed being exploited by attackers. But … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/16/cisco-sd-wan-cve-2026-20262-exploited/
-
Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week
Bad actors are exploiting multiple security vulnerabilities in Fortinet FortiSandbox, according to threat intelligence firm Defused Cyber.In a post shared on X, the company said it has observed exploitation of CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089 over the past 24 hours.CVE-2026-39813 (CVSS score: 9.1) refers to a path traversal vulnerability in FortiSandbox JRPC API that could First…
-
Critical Fortinet FortiSandbox flaws now exploited in attacks
Attackers are now exploiting several critical vulnerabilities in Fortinet’s FortiSandbox cyber threat detection platform, according to threat intelligence company Defused. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-fortinet-fortisandbox-flaws-now-exploited-in-attacks/
-
Critical Fortinet FortiSandbox flaws now exploited in attacks
Attackers are now exploiting several critical vulnerabilities in Fortinet’s FortiSandbox cyber threat detection platform, according to threat intelligence company Defused. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-fortinet-fortisandbox-flaws-now-exploited-in-attacks/
-
U.S. CISA adds Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)added Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities (KEV) catalog. The two flaws added to the catalog are: CVE-2026-20262 is an arbitrary…
-
Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw
Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild.The vulnerability, tracked as CVE-2026-20262, carries a CVSS score of 6.5 out of 10.0.”A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker…
-
CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the fixes by June 18, 2026.The vulnerability in question is CVE-2026-54420 (CVSS score: 8.5), which has been described as a case of…
-
PAN-OS GlobalProtect bug actively exploited, added to CISA’s KEV list
First seen on scworld.com Jump to article: www.scworld.com/news/pan-os-globalprotect-bug-actively-exploited-added-to-cisas-kev-list
-
ShinyHunters Hits Universities Via Oracle Zero-Day
Mandiant: 68% of Targets Were Higher Ed Institutions Running PeopleSoft. ShinyHunters exploited a critical zero-day in Oracle PeopleSoft to breach more than 100 organizations globally, researchers at Mandiant and Google’s Threat Intelligence Group said, with universities and colleges accounting for the majority of confirmed targets in the active extortion campaign. First seen on govinfosecurity.com Jump…
-
Oracle Warns PeopleSoft Customers After Critical Zero-Day Exploited
Oracle issued emergency guidance for CVE-2026-35273, a critical PeopleSoft flaw exploited in a ShinyHunters-linked campaign targeting universities. The post Oracle Warns PeopleSoft Customers After Critical Zero-Day Exploited appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-oracle-peoplesoft-zero-day-shinyhunters/
-
Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks
Cisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root privileges. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-fixes-sd-wan-vmanage-flaw-exploited-in-zero-day-attacks/
-
âš¡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More
Stuff broke again. Not in a movie way. An old tool was left exposed. An abandoned package was abused. A deprecated feature was still running in prod.This week is the same lesson in a new form: phishing kits are easier to rent, AI names are useful bait, old login paths still fail, and forgotten software…
-
Schluss mit Patches im menschlichen Tempo PeerPeer-Verteilung schließt die Sicherheitslücke, bevor Angreifer zuschlagen
Die Lücke bei der Behebung wird größer. Die Analyse von mehr als einer Milliarde CISA-Datensätzen zu ‘Known Exploited Vulnerabilities” (KEV) offenbart eine ernüchternde Realität für Sicherheitsverantwortliche: Unternehmen schließen deutlich mehr Tickets als noch vor wenigen Jahren, doch die Lücke zwischen der Identifizierung von Risiken und deren Beseitigung wird immer größer. 88 Prozent der ausgenutzten Schwachstellen…
-
Jenkins RCE Flaw Exploited by Attackers in the Wild
A remote code execution (RCE) vulnerability in Jenkins, tracked as CVE-2026-53435, is now actively exploited in the wild. The flaw, stemming from insecure deserialization during Jenkins’ config.xml processing, allows unauthenticated or low-privileged attackers to execute arbitrary code on vulnerable instances, posing a severe risk to organizations that rely on the popular CI/CD automation server. Jenkins RCE Flaw…
-
Jenkins RCE Flaw Exploited by Attackers in the Wild
A remote code execution (RCE) vulnerability in Jenkins, tracked as CVE-2026-53435, is now actively exploited in the wild. The flaw, stemming from insecure deserialization during Jenkins’ config.xml processing, allows unauthenticated or low-privileged attackers to execute arbitrary code on vulnerable instances, posing a severe risk to organizations that rely on the popular CI/CD automation server. Jenkins RCE Flaw…
-
Backdoor eingeschleust: Supply-Chain-Angriff gefährdet Millionen von Websites
Ein Angreifer hat über mehrere populäre Plug-ins Schadcode verbreitet, der unter WordPress heimlich eine Backdoor mit Admin-Zugriff einrichtet. First seen on golem.de Jump to article: www.golem.de/news/backdoor-eingeschleust-supply-chain-angriff-gefaehrdet-millionen-von-websites-2606-209767.html
-
Palo Alto Warns GlobalProtect VPN Flaw Is Being Actively Exploited
Palo Alto Networks has issued an urgent warning after confirming active exploitation of a GlobalProtect VPN vulnerability, tracked as CVE-2026-0257, impacting PAN-OS deployments with specific configurations. The flaw, which affects the GlobalProtect portal and gateway components, enables an authentication bypass that allows unauthenticated attackers to establish VPN sessions and potentially gain access to internal enterprise…
-
Russia-Aligned Hackers Exploit Old WinRAR Vulnerability to Target Ukrainian Organizations
CVE-2025-8088, a WinRAR path traversal vulnerability patched in July 2025, remains a potent initial access vector for multiple intrusion sets targeting Ukraine. Analysis of attacks through April 2026 shows at least two distinct campaigns exploiting this vulnerability: a compiled-stealer chain attributed to an intrusion set we temporarily label SHADOW-EARTH-066 (tracked by CERT”‘UA as UAC”‘0226) and…