Skip to main content

Tag: vulnerability exploitation

99 articles

Network equipment room with racked device, cables, and blurred management console.

SonicWall Zero-Days Exploited, Enable Admin Command Execution

SonicWall is urging immediate action to fix two zero-day vulnerabilities in its Secure Mobile Access (SMA) 1000 series appliances, which are being actively exploited by attackers to execute admin-level commands. These critical flaws, tracked as CVE-2026-15409 and CVE-2026-15410, could compromise your system's security if not patched right away.

Analyst 207
Joomla website backend on laptop with iCagenda extension file attachment feature.

Joomla Flaws Exploited as Zero-Days in Active Attacks

A critical vulnerability in the iCagenda extension for Joomla, known as CVE-2026-48939, has been exploited as a zero-day since June 15, 2026, allowing attackers to upload arbitrary files via the component's file attachment feature. This severe flaw, scoring 10.0 on the CVSS scale, has already sparked a wave of automated attacks against popular content-management-system extensions.

Analyst 207
Small business office with computers and router, showing vulnerability through a large window overlooking a generic…

Australian Cyber Agency Warns of Global CMS Exploitation Campaign

Beware: a large-scale cyber attack is targeting content management systems worldwide, including in Australia, putting many small- to medium-sized businesses at risk of service disruption, credential theft, and malware installation. The Australian Cyber Security Centre warns that this global campaign is actively scanning for vulnerabilities and compromising websites.

Analyst 207
Brightly-lit server in a data center with a network operations setting.

Hackers exploit auth bypass in Gitea Docker image

Hackers are actively exploiting a critical flaw in the Gitea Docker image, using a single header to bypass authentication and gain access - and security teams are only just catching on. In fact, researchers detected the first real-world hit just 13 days after the vulnerability was disclosed.

Analyst 207
Empty desks and chairs in a brightly-lit office with a blurred computer terminal in the background.

Cyberattacks Exploit Summer Staffing Gaps

Cyberattacks surge by 40% during holiday periods, with summer being a prime target due to lighter staffing and slower business operations that create the perfect storm for cybercriminals to exploit. When teams are on vacation, attackers see an opportunity to probe for vulnerabilities and test response times.

Analyst 207
Laptop screen displays code on a desk with papers and notebook in a minimalist room.

AI Agents Built to Catch Malware Can Be Tricked Into Running It

Researchers have uncovered a vulnerability in AI-powered malware detection systems, cleverly dubbed Friendly Fire, that can be exploited to trick these very systems into running malicious code. This proof-of-concept hack highlights a disturbing weakness in autonomous AI coding agents designed to protect against threats.

Analyst 207
Laptop screen shows generic browser homepage with subtle hint of malicious mod installation in background.

Opera GX Flaw Enables Sites to Auto-Install Malicious Mods

A critical flaw in Opera GX allowed websites to secretly install malicious customization mods, which could then siphon sensitive data from other sites you visited - and it took a $5,000 bounty and a May 8 patch to fix the issue. This sneaky exploit let attackers install mods without your consent, putting your online security at risk.

Analyst 207
Rack of network equipment with server, cables, and devices in a brightly-lit server room.

Adobe ColdFusion Flaw Exploited in Ongoing Attacks

A critical Adobe ColdFusion vulnerability, CVE-2026-48282, is under attack - and it's crucial to patch now to prevent remote code execution on your system. This maximum-severity flaw affects ColdFusion releases 2025.9, 2023.20, and earlier, and can be exploited without privileges.

Analyst 207
Rows of computer servers and networking equipment in a brightly-lit modern data center.

Oracle E-Business Suite Exploited Before Public Exploit Code Release

Oracle E-Business Suite deployments were under attack from a critical vulnerability even before hackers made the exploit code publicly available, highlighting the severity of the threat. This precemptive strike underscores the need for urgent attention to secure E-Business Suite systems.

Analyst 207
Cluttered developer's workstation with Claude Desktop on laptop screen.

Pentera Labs Red Team Exposes AI Double Agent Vulnerability in Claude Desktop

Pentera Labs' red team has uncovered a shocking vulnerability in Claude Desktop, allowing them to turn the AI's voice into a double agent that does an attacker's bidding on a developer's workstation. By exploiting a compromised inbox, they were able to gain full machine control, revealing a chilling new threat in the world of AI.

Analyst 207
Industrial control panel in foreground, with monitors and equipment in background.

Progress LoadMaster Flaw Sees Active Exploitation Attempts

A critical vulnerability in Progress Kemp LoadMaster, tracked as CVE-2026-8037, is under active exploitation attempts, with Canadian cybersecurity firm eSentire's Threat Response Unit detecting and thwarting attacks starting June 29, 2026. The attacks, though unsuccessful, raise concerns about potential future breaches given the vulnerability's high CVSS score of 9.6.

Analyst 207
Rows of computer servers in a brightly-lit network operations room.

Oracle E-Business Flaw Exploited in Ongoing Attacks

A critical flaw in Oracle E-Business, known as CVE-2026-46817, is being exploited by attackers, allowing them to take over vulnerable systems with just HTTP network access. This highly severe vulnerability, with a CVSS score of 9.8, has now been targeted in real-world attacks, with security researchers observing exploitation attempts on Oracle E-Business honeypots.

Analyst 207
Remote monitoring software interface on a laptop in an office setting.

SimpleHelp Vulnerability Exploited to Deliver Novel Malware

A critical vulnerability in SimpleHelp's remote monitoring software, rated a perfect 10 in severity, was exploited by attackers to masquerade as trusted technicians and deploy brand-new malware across customer networks. This flaw allowed hackers to bypass authentication and gain unauthorized access with ease.

Analyst 207
Oracle E-Business Suite terminal in a server room with a blank laptop screen nearby.

Hackers Exploit Oracle E-Business Flaw in Targeted Attacks

Hackers are actively exploiting a critical Oracle E-Business flaw, CVE-2026-46817, with a near-perfect CVSS score of 9.8, in targeted attacks, allowing for unauthenticated HTTP takeover. This alarming vulnerability has no known previous exploitation and no public proof-of-concept code exists, making it a high-risk threat.

Analyst 207
Sensitive documents scattered on a desk in a secure government office with a computer screen in the background.

Oracle Flaw Exposes US Citizens' Credit Data in NAIC Breach

A recent breach at the National Association of Insurance Commissioners exposed US citizens' sensitive credit data, prompting swift action and FBI coordination to mitigate the damage. The hack was made possible by a zero-day vulnerability in Oracle PeopleSoft, which was exploited by attackers to gain unauthorized access.

Analyst 207
Dimly lit workspace with scattered notes and empty coffee cups, hinting at unease.

Cordyceps Flaws Compromise 300+ GitHub Repositories

A newly discovered flaw, dubbed Cordyceps, has left over 300 GitHub repositories vulnerable to exploitation by unauthenticated users, allowing for code execution, credential theft, and supply-chain compromise. This critical weakness can be easily exploited, putting countless open-source projects at risk.

Analyst 207
Rack-mounted router in a network closet with a blurred city transit platform visible through a nearby window.

Cisco Unified CM Flaw Exploited in Active Attacks

Hackers are actively exploiting a high-severity flaw in Cisco Unified CM, tracked as CVE-2026-20230, which allows them to send malicious HTTP requests and potentially take control of affected devices. This vulnerability, with a CVSS score of 8.6, could enable attackers to write files to the underlying operating system and escalate their privileges.

Analyst 207
Technicians work in a network operations room with rows of server racks and equipment.

Cisco Unified CM flaw exploited in targeted attacks

Hackers are actively exploiting a high-severity flaw in Cisco Unified Communications Manager, allowing them to gain unauthorized access and control over vulnerable systems. This newly discovered vulnerability, tracked as CVE-2026-20230, has a CVSS score of 8.6, indicating a significant threat to security.

Analyst 207
Dimly lit home network setup with outdated routers, tangled cables, and old equipment.

AryStinger Botnet Exploits Flaws in Thousands of D-Link Routers

Meet AryStinger, a sneaky botnet that's hijacked over 4,000 outdated D-Link routers worldwide, turning them into a powerful tool for hackers to carry out stealthy scans and attacks. This malware mastermind breaks down massive tasks into tiny chunks, distributing them across its zombie network for lightning-fast execution.

Analyst 207
Network operations center with server and equipment, cityscape visible through window.

CISA Warns of Active Exploitation of Splunk Enterprise Flaw

A critical vulnerability in Splunk Enterprise, tracked as CVE-2026-20253, allows remote attackers to create or delete files on vulnerable systems without needing any login credentials. This security flaw affects specific versions of Splunk Enterprise, including 10.2.0 through 10.2.3 and 10.0.0 through 10.0.6.

Analyst 207
Technicians work on equipment in the background of a brightly-lit network operations center with rows of computer racks.

Attackers Exploit Critical Fortinet Vulnerabilities Disclosed in April

Security researchers have confirmed that hackers are actively exploiting critical vulnerabilities in Fortinet's FortiSandbox product, first patched in April, with multiple independent groups jumping on the bandwagon. The exploitation attempts, observed as early as June 9, involve OS-command injection and path-traversal flaws.

Analyst 207
Network equipment racks with a single server in the foreground showing a subtle warning light.

Fortinet Sandbox Flaws Under Active Exploitation

Critical Fortinet Sandbox vulnerabilities are under active attack, with hackers exploiting flaws like CVE-2026-39813, a severe path traversal bug that allows authentication bypass. Fortinet patched these bugs in April, but users must upgrade ASAP to avoid being compromised.

Analyst 207
Rack of computer servers in a data center with a server control panel interface on screen.

CISA Warns of Actively Exploited cPanel Plugin Flaw

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a critical cPanel plugin flaw, CVE-2026-54420, that's being actively exploited by hackers, posing a significant risk to all user-end plugin versions prior to 2.4.8. This vulnerability allows attackers to escalate privileges to root, putting your online security at risk.

Analyst 207
Security device on a rack surrounded by networking equipment in a well-lit IT room.

Fortinet FortiSandbox Flaws Targeted by Attackers in Wide-Ranging Exploits

Cyber attackers are actively exploiting three high-severity Fortinet FortiSandbox vulnerabilities, CVE-2026-39813, CVE-2026-39808, and CVE-2026-25089, which were patched just last month and carry a near-critical CVSS score of 9.1. These flaws have been targeted in wide-ranging exploits over the past 24 hours, according to threat intelligence firm Defused Cyber.

Analyst 207