Tag: vulnerability exploits
8 articles

Cisco Vulnerabilities Targeted in String of Exploits
Hackers are actively exploiting a recently patched Cisco vulnerability, CVE-2026-20230, using a clever chain of attacks that can grant them root privileges on compromised devices. This alarming exploit activity was uncovered by threat-intel company Defused, highlighting the urgent need for robust security measures.

AI Models Outpace GPT-5.5 in Chrome Vulnerability Exploits
Meet ExploitBench, a groundbreaking benchmark that puts AI models to the test, pushing them to go beyond mere vulnerability detection and actually exploit real-world flaws - and the results are in. This innovative tool, developed by Bugcrowd and Carnegie Mellon University experts, grades AI models on their ability to chain discoveries into usable exploits, revealing surprising capabilities.

Linux Rootkits Persist in Updated Forms
A single misstep with an over-privileged or poorly designed agent can quickly spiral into a serious incident, making the UK National Cyber Security Centre's warning feel alarmingly relevant. This urgency was underscored at Pwn2Own Berlin, where researchers exploited 47 zero-day flaws, raking in over $1.2 million in rewards.

Vulnerability Exploits Overtake Credentials as Top Breach Entry Point
For the first time in nearly two decades, exploiting vulnerabilities has surpassed compromised credentials as the top breach entry point, accounting for 31% of data breaches over the past year. This significant shift suggests that threat actors are adapting their tactics, and defenders must follow suit.

Linux Kernel Faces New Exploit for DirtyDecrypt Vulnerability
A new exploit has been discovered for the DirtyDecrypt vulnerability in the Linux Kernel, allowing for a potentially devastating rxgk pagecache write due to a missing copy-on-write guard. This flaw, tracked as CVE-2026-31635, has a CVSS score of 7.5 and was recently patched after being reported by security researchers.

Vulnerability Exploits Surge Against cPanel and WHM Software
A critical vulnerability, CVE-2026-41940, with a near-perfect severity score of 9.8, has been discovered in cPanel and WHM software, allowing hackers to bypass authentication and gain unauthorized access to your control panel. This flaw puts your online security at risk, so taking immediate action is crucial.

CISA Warns of Active Attacks on Decade-Old Excel Vulnerability
A 17-year-old Microsoft Excel vulnerability has become a pressing public safety concern after the US cybersecurity agency CISA added it to its exploited-vulnerabilities list, warning of active attacks. This outdated flaw is now being actively exploited, making it crucial to patch immediately.

Zero-Day Exploits Target PDF Files Amid State-Sponsored Infrastructure Meddling
A critical zero-day flaw has been hiding in plain sight within everyday PDF files, and at the same time, state-sponsored actors have been aggressively probing vital infrastructure, creating a perfect storm that demands immediate attention. This dual threat of quietly persistent PDFs and long-simmering meddling has escalated into a situation that requires rapid action.