Tag: privilege escalation
95 articles

Spirals Ransomware Encrypts Network in Record Time
In a lightning-fast attack, the newly identified Spirals ransomware gang compromised a network and encrypted its entire system in under 24 hours, showcasing an alarming level of speed and sophistication. The attack began with a simple vulnerability - an exposed IIS server - which allowed hackers to upload a web shell and rapidly escalate their privileges.

Browser, Software Updates Fix Critical Flaws
Major tech players, including Adobe, Mozilla, Google, and Broadcom, have just rolled out critical security updates to fix dozens of vulnerabilities - and it's crucial to install them ASAP to avoid potential code execution and privilege escalation threats. Adobe alone is patching 88 flaws, including eight high-risk issues in ColdFusion that could lead to serious security breaches.

Microsoft Fixes Defender Flaw That Exposes Systems to SYSTEM Privileges
Microsoft has patched a critical flaw in its Defender software, known as RoguePlanet, that could have allowed hackers to gain SYSTEM privileges and take control of vulnerable systems. The vulnerability, tracked as CVE-2026-50656, has been fixed with the latest security updates.

Ubiquiti Fixes Flaws in UniFi Ecosystem
Ubiquiti has patched a critical vulnerability in its UniFi ecosystem, specifically a command injection flaw with a perfect 10.0 CVSS score, that could let hackers take control of your device. The update fixes issues across UniFi products, shielding you from potential attacks that could escalate privileges or make unauthorized changes.

Ransomware gangs exploit Windows BlueHammer flaw
Ransomware gangs are actively exploiting a critical Microsoft Defender flaw, nicknamed BlueHammer, which has been added to CISA's list of Known Exploited Vulnerabilities. This vulnerability is a prime target for malicious cyber actors, posing a significant risk to those who haven't yet applied the necessary patches.

Linux Kernel Flaw Exposes Local Users to Root Privilege Escalation
A newly discovered Linux Kernel flaw, CVE-2026-43503, allows local users to easily escalate their privileges to root level, putting systems at risk. This vulnerability, dubbed DirtyClone, lets attackers corrupt file-backed memory and gain unrestricted access with just a few clever steps.

macOS Flaw Enables Users to Disable EDR, MDM Tools
A security flaw in macOS has been discovered that allows users to quietly disable crucial enterprise security tools, including EDR and MDM, without needing administrator privileges. This gap in endpoint security models could leave businesses vulnerable to attacks.

Cisco SD-WAN Zero-Day Exploited for Root Access
A shocking new discovery reveals that a Cisco SD-WAN zero-day vulnerability, CVE-2026-20245, was exploited for root access at least two months before its public disclosure. This highly critical flaw, with a CVSS score of 7.8, allows attackers to execute arbitrary commands with elevated privileges.

Hackers Exploit Cisco Zero-Day for High-Level Access at Telecom Provider
In a chilling cyberattack, hackers exploited a previously unknown Cisco zero-day vulnerability to gain unrestricted access to a major telecom provider's system, creating a rogue admin account with full control. The breach, detected in March, was carried out in two waves, allowing the attackers to infiltrate the provider's SD-WAN Manager devices.

Microsoft Tackles RoguePlanet Defender Flaw with Imminent Patch
Microsoft is working on a patch to fix a serious security flaw in Microsoft Defender, known as RoguePlanet, which could allow hackers to gain elevated privileges on affected systems. A high-quality security update is imminent to address this vulnerability and protect users.

CISA Warns of Actively Exploited cPanel Plugin Flaw
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a critical cPanel plugin flaw, CVE-2026-54420, that's being actively exploited by hackers, posing a significant risk to all user-end plugin versions prior to 2.4.8. This vulnerability allows attackers to escalate privileges to root, putting your online security at risk.

CISA Warns of LiteSpeed cPanel Plugin Flaw Exploited for Root Access
A critical vulnerability in the LiteSpeed cPanel Plugin, known as CVE-2026-54420, has been flagged by CISA for its high risk of exploitation, with a CVSS score of 8.5, and federal agencies have until June 18, 2026, to apply the necessary fix. This flaw allows for privilege escalation and has been added to the Known Exploited Vulnerabilities catalog, requiring swift action to prevent potential root access attacks.

SimpleHelp vulnerability exposes servers to rogue remote support accounts
A critical vulnerability in SimpleHelp, known as CVE-2026-48558, lets hackers create rogue remote support accounts and gain privileged access to servers, allowing them to execute scripts and wreak havoc on your system. This gaping security hole enables unauthenticated attackers to bypass multi-factor authentication and log in as a Technician user, putting your entire network at risk.

LiteLLM Vulnerability Chain Enables Low-Privilege Server Takeover
A shocking vulnerability chain in LiteLLM has been discovered, allowing hackers to hijack servers with just a low-privilege account, and experts warn it's a critical threat with a near-perfect CVSS score of 9.9. By chaining three distinct bugs, attackers can escalate their access to full admin rights and run code on the server.

Cisco Patches SD-WAN Flaw Exploited in Zero-Day Attacks
Cisco has patched a high-risk SD-WAN flaw, known as CVE-2026-20262, that was being exploited in zero-day attacks to gain root privileges. The vulnerability allowed attackers to create or overwrite files on affected systems, and Cisco has now released security updates to fix the issue.

Microsoft Patch Tuesday Disrupts 206 Vulnerabilities, Including Zero-Days
Microsoft just dropped a massive Patch Tuesday update, fixing a record 206 security vulnerabilities in its software - including three already publicly known flaws - to keep your digital world safe and secure. This critical update tackles a wide range of threats, from remote code execution and privilege escalation to spoofing and more.

Microsoft Fixes Zero-Days in June Patch Tuesday Update
Microsoft just dropped some critical patches in its June update, fixing three zero-day vulnerabilities that left Windows systems open to attacks - and one security researcher isn't happy about the delayed fix. The update squashes bugs that allowed hackers to escalate privileges or bypass disk encryption.

Google Patches Actively Exploited Android Flaw Amid June Update
Google just dropped a crucial security update for Android, fixing 124 vulnerabilities, including a high-severity flaw that's being actively exploited - don't wait, patch up your device now! This critical fix tackles a privilege escalation bug that can be triggered without any user interaction, putting your data at risk.

Google patches actively exploited Android zero-day flaw amid June security updates
Google just patched a high-severity Android flaw that's being actively exploited by hackers, allowing them to gain control of devices running Android 14 or later. The June security update fixes this zero-day vulnerability, along with 123 others, to keep your device safe.

WP Maps Pro Flaw Exploited to Create Admin Accounts
A critical vulnerability in the popular WP Maps Pro plugin, used by over 15,000 WordPress sites, has been exploited to create admin accounts, putting countless websites at risk of complete takeover. This high-severity flaw, tracked as CVE-2026-8732, allows attackers to escalate privileges and gain unrestricted access.
Fortinet Flaw Exploited to Deploy Credential Stealer
Hackers have exploited a critical Fortinet flaw, CVE-2026-35616, to turn trusted systems into a launchpad for a sneaky new credential-stealing campaign. This vulnerability, with a near-perfect CVSS score of 9.1, allowed attackers to bypass security and wreak havoc.

Microsoft Decries Uncoordinated Zero-Day Disclosures
Microsoft slammed researchers who publicly revealed six zero-day vulnerabilities without giving the company a heads-up, putting customers at unnecessary risk. The tech giant named and shamed the flaws, including privilege escalation vulnerabilities in Microsoft Defender and a security feature bypass vulnerability in Windows BitLocker.

CISA Mandates Emergency Patch for Exploited cPanel Plugin Flaw
A critical vulnerability in the LiteSpeed cPanel plugin, known as CVE-2026-48172, is being actively exploited by remote attackers, allowing them to execute arbitrary scripts with root privileges. CISA has issued an emergency patch, giving affected users just four days to update and protect themselves.

Drupal Core SQL Injection Flaw Actively Exploited
Drupal has confirmed that exploit attempts for a critical SQL injection flaw, CVE-2026-9082, are being actively detected in the wild, posing a significant risk of privilege escalation and remote code execution. This vulnerability affects all supported Drupal Core versions and can lead to full site compromise if not addressed promptly.