Tag: active exploitation
11 articles

Oracle E-Business Suite Flaw CVE-2026-46817 Sees Active Exploitation
A critical flaw in Oracle Payments, known as CVE-2026-46817, is being actively exploited by hackers, allowing them to easily take control of vulnerable Oracle E-Business Suite instances. This easily exploitable vulnerability has a near-perfect CVSS score of 9.8, making it a high-risk threat to organizations using Oracle Payments.

Cisco SD-WAN Zero-Day Under Active Attack
Cisco SD-WAN is under siege from a zero-day vulnerability that's being actively exploited - and there's no patch in sight, leaving sys admins scrambling to protect their networks.

CISA Warns of Active Exploits Targeting Android, Linux Flaws
A high-severity Android flaw, CVE-2025-48595, is being actively exploited in targeted attacks, allowing hackers to gain increased privileges without needing any user interaction. This critical vulnerability affects Android 14-16 and has prompted CISA to add it to its list of Known Exploited Vulnerabilities.

Microsoft Exchange Servers Targeted in Active Exploitation
Microsoft has sounded the alarm on a critical vulnerability in on-premise Exchange Servers, known as CVE-2026-42897, that's currently being exploited by hackers - and the company is urging affected users to act fast. A temporary fix is in place, with a permanent patch on the way.

CISA Warns of Active Exploitation of SD-WAN Flaw
The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm on a newly discovered SD-WAN flaw that's already being exploited by attackers, giving US government agencies just four days to secure vulnerable systems. Time is of the essence in this urgent directive, which CISA has framed as an operational emergency.

Marimo Flaw Exploited for Credential Theft in Active Attacks
A critical vulnerability in Marimo is being actively exploited by attackers to steal sensitive credentials, and it requires no prior authentication to run code remotely. This flaw has severe consequences for organizations using Marimo, making it essential to take immediate action.

CISA Exclusive: Critical n8n Bug Exploited in Wild
CISA confirms a critical n8n vulnerability is being actively exploited—what automates your workflows can now let attackers run arbitrary code, so internet‑exposed instances need immediate mitigation or patching.

7-Zip Critical RCE: Exclusive Warning as Hackers Exploit
Imagine your go‑to file extractor becoming an attacker’s backdoor—7‑Zip’s RCE (CVE‑2025‑11001) is being actively exploited. Update to 7‑Zip 25.00 now, check for signs of compromise, and treat any unpatched machines as high risk.

TP-Link VPN Routers: Stunning Critical Flaws Found
Think your TP‑Link VPN router is the guardian of your home network? Researchers discovered critical, actively exploited flaws that can let attackers intercept traffic or gain persistent access—patch, disable WAN management, or replace affected devices now.

TP-Link VPN Routers: Exclusive Critical Flaw Revealed
Researchers just found the keys to TP‑Link VPN routers: critical flaws could let attackers hijack home and small‑business networks to snoop, redirect traffic, or stage wider attacks. Patch now, disable unnecessary remote management, and treat your router like vital infrastructure before it’s too late.

Microsoft WSUS flaw: Exclusive urgent fix for severe exploit
Heads up: Microsoft released an emergency patch for a critical WSUS vulnerability (CVE‑2025‑59287) that’s already being exploited in the wild. Administrators must weigh rapid deployment against potential disruption — but with exploit code circulating, closing the exposure window should be the priority.