Tag: vulnerability
-
Critical ‘Claw Chain’ Vulnerabilities Put Thousands of OpenClaw AI Servers at Risk
Critical Claw Chain vulnerabilities in OpenClaw expose thousands of AI servers to data theft, backdoors, and admin-level attacks globally this week. . First seen on hackread.com Jump to article: hackread.com/claw-chain-vulnerabilities-openclaw-ai-servers-risk/
-
Pwn2Own Berlin 2026, Day Two: $385,750 more, Microsoft Exchange falls, and the running total crosses $900K
Day two of Pwn2Own Berlin 2026 saw $385,750 earned for 15 zero-days, bringing the total to $908,750 and 39 vulnerabilities over two days. During the second day of Pwn2Own Berlin 2026, security researchers earned $385,750 after successfully demonstrating 15 unique zero-day vulnerabilities affecting products such as Windows 11, Microsoft Exchange, and Red Hat Enterprise Linux…
-
New Cisco SD-WAN Zero-Day Grants Admin Access
Broken vdaemon Peering Authentication Enables Unauthenticated Admin Access. A maximum-severity vulnerability in Cisco Catalyst SD-WAN Controller is being actively exploited, giving attackers administrative privileges without authentication. The authentication bypass vulnerability stems from a broken peering authentication mechanism. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/new-cisco-sd-wan-zero-day-grants-admin-access-a-31708
-
The Boring Stuff is Dangerous Now
AI agents capable of discovering and exploiting obscure vulnerabilities are emerging alongside developers producing vast amounts of potentially flawed AI-generated code, forcing defenders to adapt accordingly. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/ai-code-and-agents-forces-defenders-adapt
-
Exchange Server zero-day vulnerability can be triggered by opening a malicious email
Tags: automation, data, email, malicious, microsoft, mitigation, risk, service, tactics, update, vulnerability, zero-dayKnown issues with mitigation tactics: However, admins should note there are known issues once the mitigation is applied either manually or automatically through the EM Service.OWA Print Calendar functionality might not work. As a workaround, copy the data or screenshot the calendar you want to print, or use Outlook Desktop client. Inline images might not…
-
Microsoft Debuts Bug Hunting 100-Agent AI System
Computing Giant Touts Multi-Agentic ‘MDASH’ Approach as Superior to Single Models. Microsoft says its new approach to finding vulnerabilities with artificial intelligence outclasses the single models touted by Anthropic and OpenAI. MDASH is only being utilized internally by Microsoft engineers and tested by a small set of customers as part of a limited private preview.…
-
Funnel Builder WordPress plugin bug exploited to steal credit cards
A critical vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject malicious JavaScript snippets into WooCommerce checkout pages. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/funnel-builder-wordpress-plugin-bug-exploited-to-steal-credit-cards/
-
Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own
During the second day of Pwn2Own Berlin 2026, competitors collected $385,750 in cash awards after exploiting 15 unique zero-day vulnerabilities in multiple products, including Windows 11, Microsoft Exchange, and Red Hat Enterprise Linux for Workstations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/pwn2own-day-two-hackers-demo-microsoft-exchange-windows-11-red-had-enterprise-linux-zero-days/
-
Attackers exploit critical flaw in Cisco Catalyst SD-WAN Controller
Researchers discovered the authentication bypass vulnerability while investigating a prior issue in the same service. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/attackers-exploit-critical-flaw-in-cisco-catalyst-sd-wan-controller/820368/
-
Avada Builder WordPress plugin flaws allow site credential theft
Two vulnerabilities in the Avada Builder plugin for WordPress, with an estimated one million active installations, allow hackers to read arbitrary files and extract sensitive information from the database. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/avada-builder-wordpress-plugin-flaws-allow-site-credential-theft/
-
Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
Cybersecurity researchers have disclosed a set of four security flaws in OpenClaw that could be chained to achieve data theft, privilege escalation, and persistence. The vulnerabilities, collectively dubbed Claw Chain by Cyera, can permit an attacker to establish a foothold, expose sensitive data, and plant backdoors. A brief description of the flaws is below –…
-
Cisco zero-day under ongoing attack by persistent threat group
The threat group behind the attacks is also linked to a series of recently disclosed vulnerabilities in the vendor’s firewalls and SD-WAN systems. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisco-sd-wan-zero-day-exploited/
-
CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day
Microsoft warned that attackers are exploiting a new Exchange Server zero-day vulnerability, tracked as CVE-2026-42897, in the wild. Microsoft warned that threat actors are actively exploiting a new Exchange Server zero-day vulnerability tracked as CVE-2026-42897 (CVSS score 8.1). The vulnerability is an improper neutralization of input during web page generation (‘cross-site scripting’) in Microsoft Exchange…
-
CISA orders all federal agencies to patch exploited bug in Cisco SD-WAN systems by Sunday
Cisco released a patch for the vulnerability on Thursday, writing in an advisory that it could “allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system.” First seen on therecord.media Jump to article: therecord.media/cisa-orders-all-federal-agencies-to-patch-cisco-sd-wan-bug
-
Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182)
Cisco has patched yet another Catalyst SD-WAN Controller authentication bypass vulnerability (CVE-2026-20182) that has been exploited as a zero-day by >>a highly … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/15/cisco-sd-wan-zero-day-cve-2026-20182/
-
VMware Fusion Flaw Could Allow Attackers to Gain Root Privileges
A newly disclosed vulnerability in VMware Fusion has raised serious security concerns after researchers confirmed it could allow attackers to escalate privileges to root on affected systems. The flaw, tracked as CVE-2026-41702, has been rated high severity with a CVSS score of 7.8, highlighting its potential impact in real-world environments. VMware Fusion Flaw Broadcom, which…
-
Cisco warns of an actively exploited SD-WAN flaw with max severity
Tags: access, advisory, cisco, cloud, control, cve, cvss, cybersecurity, data-breach, exploit, flaw, infrastructure, kev, malicious, mitigation, network, service, software, update, vulnerabilityroot user account,” Cisco said. “Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric.”The issue, tracked as CVE-2026-20182, received a max-severity rating of CVSS 10.0. The company said that the issue is configuration-independent, meaning vulnerable systems remain exposed regardless of deployment-specific settings.Cisco…
-
Google Project Zero Details Pixel 10 Zero-Click Exploit Chain
A powerful zero-click exploit chain for the Pixel 10 that can take an attacker from a remote Dolby decoding bug to full kernel control through a single vulnerable video processing driver. The work shows both how quickly Google can now patch critical issues and how shallow mistakes in vendor drivers can still undermine Android’s security…
-
PraisonAI Vulnerability Actively Exploited Within Hours of Being Made Public
A high-severity vulnerability in PraisonAI is drawing urgent attention after security researchers observed exploitation attempts within hours of public disclosure. The flaw, tracked as CVE-2026-44338 and documented in the GitHub advisory GHSA-6rmh-7xcm-cpxj, exposes a critical authentication bypass in the platform’s legacy API server, potentially allowing attackers to execute AI workflows without credentials. PraisonAI Vulnerability The…
-
Microsoft Reports Severe Zero-Day Flaw in On-Prem Exchange Servers
The zero-day vulnerability affects on-premises installations for all versions of Exchange Server 2016, 2019 and Subscription Edition First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/microsoft-zeroday-exchange-servers/
-
Fragnesia Linux Kernel Flaw Enables Root Privilege Escalation
Security researchers have disclosed a newly identified local privilege escalation vulnerability in the Linux Kernel, dubbed “Fragnesia,” which belongs to the broader Dirty Frag family of flaws. The issue, officially tracked as CVE-2026-46300, affects the Linux Kernel’s XFRM ESP-in-TCP subsystem and allows unprivileged local attackers to escalate privileges to root by corrupting page-cache memory. First seen on…
-
Unpatched Microsoft Exchange Server vulnerability exploited (CVE-2026-42897)
A critical cross-site scripting (XSS) vulnerability (CVE-2026-42897) in Microsoft Exchange Server is being exploited by attackers, Microsoft warned on Thursday. A permanent … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/15/exchange-server-cve-2026-42897-exploited/
-
Microsoft warns of Exchange zero-day flaw exploited in attacks
On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow threat actors to execute arbitrary code via cross-site scripting (XSS) while targeting Outlook on the web users. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-warns-of-exchange-zero-day-flaw-exploited-in-attacks/
-
Microsoft Warns HPE Operations Agent Abused in Malware-Free Attacks
Tags: attack, cyber, cyberattack, exploit, malware, microsoft, software, threat, tool, vulnerabilityMicrosoft has revealed a stealthy intrusion campaign where attackers bypassed traditional malware and exploits, instead abusing trusted enterprise tools to silently infiltrate networks. The technique highlights a growing shift in cyberattacks where adversaries rely on legitimate software and existing trust relationships to evade detection. Notably, no vulnerability in HPE OA was exploited. Instead, threat actors…
-
EU’s Cyber Resiliency Act will put IT leaders to the test
Tags: access, attack, cio, cyber, cybersecurity, data, encryption, exploit, firewall, Hardware, identity, infrastructure, Internet, kubernetes, law, malicious, mitigation, open-source, password, programming, regulation, risk, risk-assessment, router, sbom, software, supply-chain, tool, update, vpn, vulnerabilityProduct safety: The CRA says digital products have to be secure by design and default, and can’t ship with known vulnerabilities like obvious default passwords that can be exploited. They also must be updatable if such vulnerabilities are found later, as well as minimize their impact by limiting the attack surface and protecting confidentiality and…
-
EU’s Cyber Resiliency Act will put IT leaders to the test
Tags: access, attack, cio, cyber, cybersecurity, data, encryption, exploit, firewall, Hardware, identity, infrastructure, Internet, kubernetes, law, malicious, mitigation, open-source, password, programming, regulation, risk, risk-assessment, router, sbom, software, supply-chain, tool, update, vpn, vulnerabilityProduct safety: The CRA says digital products have to be secure by design and default, and can’t ship with known vulnerabilities like obvious default passwords that can be exploited. They also must be updatable if such vulnerabilities are found later, as well as minimize their impact by limiting the attack surface and protecting confidentiality and…
-
Microsoft Edge, Windows 11, and LiteLLM Fall to Exploits at Pwn2Own Berlin 2026
The world’s top ethical hackers wasted no time breaking into modern software and AI systems on the opening day of Pwn2Own Berlin 2026, exposing critical zero-day vulnerabilities in Microsoft Edge, Windows 11, LiteLLM, and NVIDIA platforms. On May 14, researchers demonstrated 24 unique zero-day exploits, earning a total of $523,000 in rewards, according to Trend…
-
Google AI Threat Tracker: KI entwickelt erstmals Zero-Day-Exploit und skaliert Cyberangriffe weltweit
Laut GTIG ist dies der erste bekannte Fall, in dem Angreifer KI erfolgreich zur Entwicklung einer Zero-Day-Schwachstelle eingesetzt haben. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/google-ai-threat-tracker-ki-entwickelt-erstmals-zero-day-exploit-und-skaliert-cyberangriffe-weltweit/a45150/
-
Amazon Redshift JDBC Driver Flaws Expose Systems to RCE Attacks
Amazon Redshift users are facing a serious security risk after researchers uncovered a high-severity vulnerability that could allow attackers to execute arbitrary code on affected systems. The flaw, tracked as CVE-2026-8178, affects the widely used Amazon Redshift JDBC Driver and raises concerns for organizations that rely on Java-based database connectivity. Redshift JDBC Driver Flaws The…