Cisco has warned that a high-severity security flaw impacting Catalyst SD-WAN Manager has come under active exploitation. The vulnerability, tracked as CVE-2026-20245, carries a CVSS score of 7.8 out of a maximum of 10.0. It affects the following deployment types – On-Prem Deployment Cisco SD-WAN Cloud-Pro Cisco SD-WAN Cloud (Cisco Managed) Cisco SD-WAN for Government…
Category: Exploits
Exploits, Global Security News
CISA: Hackers now exploit SolarWinds Serv-U flaw to crash servers
CISA warned today that hackers are now actively exploiting a recently patched high-severity SolarWinds Serv-U flaw to crash servers. […]
Exploits, Global Security News, Network Security
Another Cisco Catalyst SD-WAN Manager bug actively exploited
Cisco warns of an exploited SD-WAN flaw that can enable remote code execution and network compromise.
AI, Apps, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Six protobuf.js Vulnerabilities Expose RCE and DoS Risks
Six vulnerabilities discovered in protobuf.js could allow attackers to execute arbitrary code, crash services, and compromise software supply chains across cloud, AI, messaging, and development environments. According to Cyera researchers, the flaws affect the widely used JavaScript implementation of Google’s Protocol Buffers, a data serialization framework that underpins communication across countless distributed systems. The library…
AI, Apps, Cloud Security, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security, privacy, Risk Management
AI Threats, Zero-Days, and Data Breaches Define This Week of June 2026 in Cybersecurity
Major Threats & Vulnerabilities Zero-Day Exploits and Critical Vulnerabilities A newly discovered Comodo zero-day vulnerability can crash Windows systems through a malformed IPv6 packet. Researcher Marcus Hutchins identified the flaw, but Comodo has yet to issue a patch. Users are advised to filter suspicious IPv6 headers and test incident response plans. Google patched an Android…
AI, Exploits, Global Security News, malware, Network Security, Risk Management
CVE-2026-20245: Cisco SD-WAN Manager Zero-Day Enables Root Command Execution
Cisco has disclosed a seventh SD-WAN zero-day exploited in 2026, tracked as CVE-2026-20245. The flaw affects the command-line interface of Cisco Catalyst SD-WAN Manager and can allow an authenticated remote attacker with netadmin privileges to execute arbitrary commands as root by uploading a crafted file. Cisco says exploitation has already been observed in limited cases,…
AI, APAC, Exploits, Global Security News
CVE-2026-49975: HTTP/2 Bomb Attack Can Knock Web Servers Offline in Seconds
A newly disclosed denial-of-service vulnerability, tracked as CVE-2026-49975, shows how long-known HTTP/2 weaknesses can still be chained into a highly effective modern attack. SecurityWeek reports that researchers at Calif demonstrated an HTTP/2 Bomb exploit capable of knocking major web servers offline within seconds by combining a compression bomb with a Slowloris-style hold that prevents the…
AI, Exploits, Global Security News, Risk Management
Commvault offers recommendations for resilience in the age of frontier AI
Frontier AI models, while powerful for identifying vulnerabilities, also present new risks from bad actors, accelerating exploitation timelines to mere minutes.
AI, Exploits, Global Security News, Risk Management
Nightmare Eclipse incident shows the researcher-vendor fights may never fully go away
Microsoft reopened some wounds and has reignited debate over the past couple weeks about vulnerability disclosure and the sometimes adversarial dynamic it creates between security researchers and vendors. The latest controversy ensued when Microsoft threatened criminal legal action against a security researcher who publicly disclosed a series of zero-day vulnerabilities with proof-of-concept exploits. Microsoft insisted…
AI, Apps, Compliance, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Hugging Face Vulnerability Allows Remote Code Execution
Organizations using vulnerable versions of the Hugging Face Transformers library could unknowingly execute attacker-controlled code simply by loading a malicious AI model. Researchers at Pluto disclosed a remote code execution (RCE) vulnerability that bypasses the library’s built-in trust_remote_code=False security control, potentially exposing cloud credentials, SSH keys, API tokens, and other sensitive assets. “One poisoned field…
AI, Cybersecurity, Exploits, Global Security News
Cisco SD-WAN Has a New Root-Level Problem, and There’s No Fix Yet
Cisco warns of CVE-2026-20245 in SD-WAN Manager, a flaw that can lead to root access via file upload command injection; no patch or workaround yet. Cisco warns of a privilege escalation flaw, tracked as CVE-2026-20245 (CVSS base score of 7.8), in Cisco Catalyst SD-WAN Manager, the platform formerly known as SD-WAN vManage. An authenticated local…
Exploits, Global Security News
Reaper macOS Infostealer Abuses Script Editor to Steal Crypto and Passwords
Threat actors are deploying an updated SHub Stealer variant named Reaper that exploits the native macOS Script Editor to bypass OS-level protections and compromise cryptocurrency assets.
AI, Cybersecurity, Exploits, Global Security News, Risk Management
Malware could drain your fuel tank as well as your bank account
Ongoing cyber-attacks on automated tank gauges (ATGs) could result in fuel tanks being drained without businesses noticing, the US Cybersecurity & Infrastructure Security Agency has warned. Connected ATGs are widely deployed in gas stations, as well as on military bases, in hospitals, and in manufacturing plants. And it’s not just fuel stores at risk: ATGs…
AI, Europe, Exploits, Global Security News, malware, Network Security
PCPJack Exposed: Researchers Uncover 230-Node Cloud Email Relay Network
Researchers uncovered a 230-node cloud-based email relay network after the actor PCPJack accidentally exposed tools, logs, and C2 files online A threat actor tracked as PCPJack compromised 230 cloud servers across Amazon Web Services, Google Cloud, and Microsoft Azure and turned them into a covert email relay network. Hunt.io researchers discovered the operation because PCPJack…
AI, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Claude Code has an MCP security problem — and your developers are already using it
Claude Code is Anthropic’s AI coding assistant — a command-line tool that developers are adopting fast. It connects to external services through Model Context Protocol, the standard that lets AI tools interact with Jira, Confluence, GitHub, databases and internal APIs. When a developer connects one of those services, Claude Code runs an OAuth flow, the…
AI, Exploits, Global Security News
Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245)
A 0-day privilege escalation vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager that has yet to be patched by Cisco is being leveraged by attackers. “To exploit this vulnerability, an attacker must have netadmin privileges on an affected system. This would require valid credentials or exploitation of CVE-2026-20182 or CVE-2026-20127. Cisco is not aware of successful…
Exploits, Global Security News
Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites
Threat actors are actively exploiting a critical security flaw in Everest Forms Pro, a WordPress plugin with about 4,000 active installations, to execute arbitrary code, leading to a complete site compromise. The vulnerability in question is CVE-2026-3300 (CVSS score: 9.8), a remote code execution bug impacting all versions of the plugin up to, and including,…
AI, Data Breaches, Exploits, Global Security News, Risk Management
Fake Context Alignment: The Attack That Made Gemini Obey Strangers Through Your Notifications
SafeBreach tricked Gemini into obeying attackers via WhatsApp notifications, using hidden foreign-language text to bypass Google’s defenses and control smart home devices. SafeBreach Labs researcher Or Yair spent months trying to break Google’s Gemini voice assistant after Google patched the vulnerabilities he found in his previous research. The new attack class he developed, named Fake…
AI, Endpoint, Exploits, Global Security News, Network Security, privacy, Risk Management
Commvault Provides Resilience Approach for Frontier AI
Commvault, a data protection and cyber resilience organization, has made recommendations to help organizations stay resilient in the age of frontier AI. Frontier models create new security risks while helping address them As frontier models, hosted in the cloud, excel at identifying vulnerabilities at speed and compressing exploitation timelines, they also present exploitable threats to…
AI, Apps, Europe, Exploits, Global Security News, malware, Network Security, Russia
AI tools becoming hot commodities on ransomware marketplaces
Sales of AI-based tools is accelerating within underground ransomware marketplaces, lowering the barrier to entry for new actors in the process. An analysis of Telegram channels, 20 dark web forums, and five underground markets by anti-ransomware platform vendor Halcyon found that AI utility posts grew to 1,486 in February 2026, up from just 38 in…
Exploits, Global Security News
Cisco warns of unpatched SD-WAN zero-day exploited in attacks
On Thursday, Cisco warned of a high-severity, unpatched zero-day in the Cisco Catalyst SD-WAN Manager (tracked as CVE-2026-20245) actively exploited in attacks enabling root privilege escalation. […]
Cybersecurity, Exploits, Global Security News
Underground forum tutorial simplifies vulnerability exploitation for novice hackers
The tutorial, authored by a hacker known as “Hercules” and documented by cybersecurity company Flare, breaks down the process of scanning, detecting, exploiting, and monetizing vulnerabilities into actionable steps.
Exploits, Global Security News
Critical vulnerability in Hugging Face Transformers library allowed arbitrary code execution
The vulnerability, tracked as CVE-2026-4372, was exploitable through a standard model-loading command, even when Hugging Face’s recommended security setting “trust_remote_code=False” was enabled.
AI, Cybersecurity, Exploits, Global Security News, Risk Management
AI Threats Are Outpacing Enterprise Cybersecurity Defenses in 2026
Artificial intelligence (AI) is reshaping the digital risk landscape, creating new challenges for organizations already struggling to manage online fraud, impersonation, and brand abuse. According to the 2026 Digital Risk Report, enterprises face growing exposure to AI-generated attacks while many lack the visibility, ownership, and response capabilities needed to address them effectively. “The question isn’t…
Exploits, Global Security News
9.8 Mirasvit bug actively exploited on Magento servers
CISA warns of an actively exploited Magento extension flaw that enables remote code execution.
AI, Cybersecurity, Exploits, Global Security News, Network Security, privacy
Deepfakes, AI Scams, and the Future of Social Media Safety
The rapid advancement of generative artificial intelligence (AI) has intensified challenges related to deepfakes, impersonation scams, and manipulated content across social media platforms. As synthetic media becomes easier to create and harder to detect, companies are being forced to adopt more sophisticated trust and safety strategies. In an email interview with eSecurityPlanet, Alexandra Ryabova, COO…
AI, Exploits, Global Security News
Meta’s own AI chatbot to blame for Instagram accounts being stolen in seconds
Hackers have been hijacking Instagram accounts at scale by exploiting Meta’s AI support chatbot. And, as if that weren’t bad enough, the technique required no technical skill whatsoever. Read more in my article on the Fortra blog.
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, Network Security
Your AI agent could become your biggest insider threat
Government agencies, cybersecurity companies and threat researchers are pouring resources into studying how fast-developing AI tools can be wielded by malicious actors to hack into victim organizations. But as agentic AI becomes more embedded in business infrastructure, there’s also a high possibility that a breach could be caused by an insider guiding the tool, whether…
AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
U.S. CISA adds Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Mirasvit Full Page Cache Warmer flaw, tracked as CVE-2026-45247 (CVSS ver 4.0 score of 9.3), to its Known Exploited Vulnerabilities (KEV) catalog. The CVE-2026-45247 flaw is a…
Exploits, Global Security News, Network Security
Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public
Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, from there, climb to root. It is tracked as CVE-2026-20230, and proof-of-concept exploit code is already public. Cisco’s PSIRT says it has not seen the flaw used in attacks yet. The PoC…
AI, APAC, Endpoint, Exploits, Global Security News, Network Security
HTTP/2’s speed abused to slow webserver performance in DoS attack
Security researchers are warning of an issue with the default HTTP/2 configuration used by major web servers which reportedly survived more than a decade of human review before showing up in Codex-assisted analysis. A flaw in the handling of the HTTP/2 protocol made a denial-of-service (DoS) attack possible on web servers including nginx, Apache HTTP…
Exploits, Global Security News
Everest Forms Pro Vulnerability Allows Remote Code Execution on WordPress Sites
Critical Everest Forms Pro RCE flaw exploited to create rogue WordPress admin accounts
AI, APAC, Apps, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
Inside the race to adapt to an AI-powered security world
Troy West was in Warsaw when his dinner was interrupted by his phone. But he was happy about it. West, associate director of cybersecurity for autonomous offensive security company XBOW, had just learned that a trial version of the company’s platform had found a vulnerability that led to a full takedown of a development environment…
Exploits, Global Security News
Hackers Are After the Gaps in Your Vulnerability Program: Here’s Their Playbook
Threat actors are actively teaching newcomers how to find, exploit, and profit from vulnerable systems. Flare explores what a popular underground hacking tutorial reveals about modern attacker workflows. […]
AI, Exploits, Global Security News, Network Security, Risk Management
Critical Cisco Unified CM Bug Patched as Public Exploit Code Emerges
Cisco patched a critical Unified CM flaw with public PoC code that allows unauthenticated attackers to launch SSRF attacks remotely. Cisco has addressed a high-severity vulnerability, tracked as CVE-2026-20230, affecting Unified CM and Unified CM SME. The flaw, caused by improper validation of certain HTTP requests, allows a remote attacker without authentication to perform server-side…
AI, Exploits, Global Security News
Infosecurity Europe: Mythos Outperforms GPT5.5 on Google Chrome Vulnerability Exploits, Says New Benchmark
A Bugcrowd researcher has unveiled ExploitBench, an independent benchmark of AI models for vulnerability exploitation
AI, Apps, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
Barracuda Finds Malicious Microsoft 365 Logins Are Blending In
Organizations that rely heavily on failed login attempts to detect account compromise may be missing a growing threat. According to recent data from Barracuda, attackers are increasingly using legitimate credentials and trusted-looking infrastructure to successfully access Microsoft 365 environments while blending into normal user activity. “Attackers know many security teams are looking for the obvious…
AI, Apps, Exploits, Global Security News, malware, Network Security, privacy, Risk Management
Hugging Face Transformers RCE flaw enables stealthy compromise via AI model configs
A high severity vulnerability in Hugging Face Transformers enables attackers to compromise systems that use the popular Python library to test and run AI models. The flaw impacts library versions that continue to be actively downloaded and comes at a time when attackers are increasingly targeting the AI supply chain, including through malicious models hosted…
Cybersecurity, Exploits, Global Security News
The Zero-Day Dump: Shrinking Patch Windows and the Collapse of Reactive-by-Default Security
In this post, I will talk about the zero day dump. In late May, a security researcher known online as “Nightmare Eclipse” released six weaponized Windows zero-day vulnerabilities to the public, three of which were already being actively exploited before Microsoft issued a single patch. Since then, the researcher has threatened another major dump. This…
AI, Cybersecurity, Exploits, Global Security News, malware, privacy, Risk Management
Q1 2026 Cyber Risk Report: Insights from 2.1 Million Malware and Phishing Investigations
Based on 2,101,483 malware and phishing investigations from Q1 2026, ANY.RUN‘s Cyber Risk report provides a real-world view of modern attack trends. It covers trending malware families, TTPs, and other technical observations, while also delivering executive insights CISOs and SOC teams can use to connect attacker behavior to business risk. Combining data-backed malware trends with strategic guidance for security leaders, the report reveals critical gaps in detection, response, and visibility that directly impact business resilience, and outlines solutions organizations can use…
AI, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security, Russia
Gamaredon Uses WinRAR Vulnerability to Launch Modular Spy Campaign on Ukrainian Targets
Gamaredon exploits a WinRAR flaw to drop modular, nearly fileless malware on Ukrainian targets, hiding payloads in Windows streams and resolving C2s via Telegram. Sekoia’s Threat Detection & Research team dropped a YARA rule in late December 2025 to hunt for new initial access vectors, and by January 2026 it had already generated a dozen…
AI, Exploits, Global Security News
Researcher Drops a New VS Code Zero-Day After Losing Trust in Microsoft’s Disclosure Process
A researcher publicly released a VS Code exploit within hours, citing past disputes with Microsoft over bug handling. The security researcher Ammar Askar found a new serious zero-day in Visual Studio Code, told a contact at GitHub about it, and published a working exploit one hour later. “Just by clicking a link, it’s possible for…
Cybersecurity, Exploits, Global Security News
CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting Mirasvit Cache Warmer, a popular Magento full-page cache extension, to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild. The vulnerability, tracked as CVE-2026-45247 (CVSS score: 9.8), is a case of deserialization of untrusted
AI, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management
29 Arrests, Nine Crime Groups Dismantled: Another Blow to Illegal Streaming
International Operation KRATOS led by Europol dismantled illegal streaming networks, leading to 29 arrests and nine crime groups taken down. An international law enforcement operation, codenamed Operation KRATOS and involving 13 countries (Belgium, Bulgaria, Croatia, France, Greece, Ireland, Italy, the Netherlands, Poland, Romania, Spain, the UK, and the US), spent seven months quietly dismantling the…
AI, china, Cloud Security, Cybersecurity, Europe, Exploits, Global Security News, Risk Management
Beware the ‘son of Mythos,’ security experts warn
LONDON — Enterprise security teams were urged by security experts at Infosecurity Europe to brace for impact as both Anthrophic and OpenAI expand access to their frontier AI models for vulnerability discovery. Anthropic, in particular, is significantly expanding Project Glasswing, its scheme to provide select organizations with access to Claude Mythos, an AI-powered vulnerability discovery tool…
AI, Apps, Cybersecurity, Endpoint, Exploits, Global Security News, Risk Management
Hole in GitHub’s browser-based VSCode editor could lead to stolen token
A vulnerability in GitHub’s browser-based VSCode editor could lead to the theft of a developer’s token under certain circumstances, says a researcher. The issue, revealed this week in a blog by Ammar Askar, has apparently been already addressed by GitHub owner Microsoft. But it raises a questions about both DevOps security, and about the researcher’s…
Exploits, Global Security News
Russia FSB claims foreign intelligence used malware on officials’ phones
The FSB stated that the operation exploited the capabilities of unspecified “major international IT corporations” to extract sensitive information from targeted devices.
APAC, Exploits, Global Security News
New HTTP/2 Bomb attack can take down web servers in seconds
The HTTP/2 Bomb attack exploits default configurations of major web servers including NGINX, Apache HTTP Server, Microsoft IIS, Envoy, and Cloudflare Pingora.
AI, Exploits, Global Security News
Cisco Cloud Control AI defense suite aims to counter Mythos-level threats
Cisco’s new Cloud Control suite enables businesses to create AI agents designed to monitor systems and block potential exploitation attempts.
AI, Apps, Cloud Security, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Cloud Security Alliance Report Highlights Growing Patch Gap Risks
Despite years of investment in vulnerability scanning and shift-left security practices, known vulnerabilities continue to drive production security incidents, according to the Cloud Security Alliance’s 2026 State of Modern Application & AI Security Report. As AI accelerates both vulnerability discovery and exploit development, organizations are facing increasing pressure to reduce exposure windows before attackers can…
Cybersecurity, Exploits, Global Security News
CISA warns of active attacks exploiting Android, Linux bugs
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are exploiting vulnerabilities in the Linux kernel and Android operating system. […]
AI, Exploits, Global Security News
Microsoft responds to security challenges facing code, AI agents, and models
Microsoft has introduced a series of security tools and capabilities focused on AI-driven vulnerability discovery, AI agents, and AI models. The updates include a multi-agent vulnerability discovery system, new controls for managing and securing AI agents, data protection capabilities, and tools designed to identify potentially vulnerable or compromised AI models before deployment. MDASH targets exploitable…
AI, Exploits, Global Security News, Government & Policy, malware, Network Security, Russia
Russia’s FSB Says Foreign Spies Infected Officials’ Phones With Malware
Russia’s FSB claims foreign intelligence planted malware on senior officials’ phones to intercept calls and activate cameras. No technical evidence, no country named. On June 2, 2026, Russia’s Federal Security Service (FSB) published a statement claiming it had uncovered and documented a large-scale foreign intelligence operation targeting the mobile devices of senior Russian officials. The…
AI, Apps, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, Risk Management
Trump Signs Executive Order Creating Voluntary AI Security Review Framework
President Trump has introduced a new executive order aimed at strengthening oversight of advanced AI models without imposing new regulations on tech companies. The order establishes a voluntary framework that allows developers of powerful AI models to share systems with the federal government for security reviews before public release. “The United States continues to lead…
Endpoint, Exploits, Global Security News
Simplify security management with CIS SecureSuite Platform
New operating systems prioritize usability, a reality which threat actors use to exploit security gaps. Every misconfiguration creates an opportunity for compromise, and lean teams struggle in their security management efforts to harden hundreds or thousands of endpoints. CIS SecureSuite Membership simplifies the process with tools, benefits, and resources for implementing the secure recommendations of…
AI, Exploits, Global Security News, Network Security
Autonomous AI-driven worm can reason its way through corporate networks
Researchers at the University of Toronto, the Vector Institute, and the University of Cambridge have built and tested a proof-of-concept AI-driven worm that does not operate on a fixed list of exploits. Instead, it analyzes each target it encounters, reasons about how to attack it, and creates a strategy on the fly, all with the…
AI, Compliance, Exploits, Global Security News, Network Security, Risk Management
Microsoft wants to put AI agents on a short leash
As enterprises race to adopt AI agents across software development workflows, Microsoft is rolling out new controls aimed at keeping the transformation from becoming a security headache. At its annual developer conference, Microsoft Build, the company unveiled a set of initiatives, including a brand new runtime containment offering, Microsoft Execution Container (MXC), for agentic AI…
AI, Compliance, Exploits, Global Security News, Network Security, Risk Management
Microsoft wants to put AI agents on a short leash
As enterprises race to adopt AI agents across software development workflows, Microsoft is rolling out new controls aimed at keeping the transformation from becoming a security headache. At its annual developer conference, Microsoft Build, the company unveiled a set of initiatives, including a brand new runtime containment offering, Microsoft Execution Container (MXC), for agentic AI…
AI, Compliance, Exploits, Global Security News, Network Security, Risk Management
Microsoft wants to put AI agents on a short leash
As enterprises race to adopt AI agents across software development workflows, Microsoft is rolling out new controls aimed at keeping the transformation from becoming a security headache. At its annual developer conference, Microsoft Build, the company unveiled a set of initiatives, including a brand new runtime containment offering, Microsoft Execution Container (MXC), for agentic AI…
AI, Data Breaches, Exploits, Global Security News, Network Security
Beyond the Zero-Day: See Your Network Like an Attacker | Webinar with HD Moore
Assume the breach. Zero-days keep shipping, AI is writing exploits faster than anyone patches, and “patch everything in time” stopped working years ago. Stop betting the org on winning that race. You don’t control which bug lands. You control what it can reach once it does. That is a question about the shape of your…
AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
U.S. CISA adds Android and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Android and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Windows Shell and ConnectWise ScreenConnect flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2022-0492 (CVSS score of 7.0) Linux Kernel Improper Authentication…
AI, Compliance, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management
Release Notes: Decision-Ready SOC Reporting, Elastic Security Integration, and 1400+ Threat Coverage Updates
Security leaders are under growing pressure to reduce the time between threat detection and response without adding more complexity to already overloaded SOC workflows. ANY.RUN’s May updates help teams act on security risks more efficiently, improve consistency across investigations, and maintain stronger protection as attacker tactics continue to evolve. Discover the updates your team can…
AI, Cybersecurity, Exploits, Global Security News
Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes
Cybersecurity researchers have disclosed details of an unpatched issue that could be exploited to disclose a user’s NTLMv2 hash to the attacker. Like in the case of CVE-2026-33829, which impacted the Windows Snipping Tool’s ms-screensketch: URI handler, the newly flagged issue resides in the search: URI handler, per Huntress. CVE-2026-33829 refers to a spoofing vulnerability…
AI, Apps, Cybersecurity, Exploits, Global Security News, Government & Policy
Google Patches Actively Exploited Android Flaw Affecting Millions of Devices
Google fixed 124 Android flaws, including CVE-2025-48595, an actively exploited privilege escalation bug linked to targeted attacks. Google has released its June 2026 Android security updates, fixing 124 vulnerabilities across the mobile operating system. One flaw, tracked as CVE-2025-48595 (CVSS score of 8.4) stands out from the rest because it is already being exploited in…
AI, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Lessons from the Canvas cyberattack
Canvas cyberattack: Who, what, when, how? What and when? Over May 6 and 7, 2026, Canvas learning management system (LMS) users were served up a defaced web page in place of the expected login page. The altered web page displayed a warning by the ShinyHunters criminal hacker and extortion group advising of the Instructure compromise.…
AI, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Lessons from the Canvas cyberattack
Canvas cyberattack: Who, what, when, how? What and when? Over May 6 and 7, 2026, Canvas learning management system (LMS) users were served up a defaced web page in place of the expected login page. The altered web page displayed a warning by the ShinyHunters criminal hacker and extortion group advising of the Instructure compromise.…
AI, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Lessons from the Canvas cyberattack
Canvas cyberattack: Who, what, when, how? What and when? Over May 6 and 7, 2026, Canvas learning management system (LMS) users were served up a defaced web page in place of the expected login page. The altered web page displayed a warning by the ShinyHunters criminal hacker and extortion group advising of the Instructure compromise.…
AI, APAC, Cybersecurity, Exploits, Global Security News
New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare
Cybersecurity researchers have discovered a remote denial-of-service exploit that affects major web servers, including NGINX, Apache HTTPD, Microsoft IIS, Envoy, and Cloudflare Pingora. The vulnerability has been codenamed HTTP/2 Bomb by Calif. “The vulnerable behavior exists in each server’s default HTTP/2 configuration,” the company said, adding it was discovered by OpenAI Codex by chaining
AI, Cybersecurity, Exploits, Global Security News, Risk Management
MazeBolt brings AI-generated attack simulation to DDoS security testing
MazeBolt has announced the launch of RADAR VectorAI, a new MazeBolt module that creates AI-generated DDoS attacks. As AI outpaces human response, enterprises need to have access to validated DDoS vulnerability data about both known and AI-generated attack vectors. Mythos has raised awareness of the cybersecurity risks created by AI. But while Mythos makes it…
Exploits, Global Security News
VS Code zero-day lets hackers steal GitHub tokens in one click
A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication tokens by tricking users into clicking a link. […]
AI, Apps, Exploits, Global Security News, Network Security, Risk Management
Why an HP Poly VoIP Phones Bug Could Become an Enterprise Foothold
Rapid7 details a critical unauthenticated overflow in HP Poly VoIP phones that can lead to root RCE, with patches available for affected models. Rapid7’s latest disclosure on CVE-2026-0826 should get serious attention from anyone running HP Poly VoIP phones in an enterprise setting. It’s a critical unauthenticated stack-based buffer overflow that can give a remote…
AI, Apps, Cybersecurity, Exploits, Global Security News, Government & Policy, Risk Management
Two-year old Oracle WebLogic Server vulnerability is being exploited
US federal government departments have been given until Thursday to patch a two-year old high severity vulnerability in Oracle WebLogic Server that could allow an unauthenticated attacker to access critical data. The vulnerability, CVE-2024-21182, was added Monday to the Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) catalog, giving federal Oracle admins a…
AI, Apps, Exploits, Global Security News
Russian hackers exploit WinRAR vulnerability for data theft
The exploitation chain begins with a weaponized HTML Application payload called GammaPhish, which retrieves intermediate Visual Basic Script (VBScript) downloaders known as GammaLoad, according to Sekoia.
Exploits, Global Security News
Critical Kirki flaw exploited to hijack WordPress admin accounts
Hackers are exploiting a critical privilege escalation vulnerability (CVE-2026-8206) in the Kirki plugin for WordPress to take over any user account, including those belonging to administrators. […]
AI, Exploits, Global Security News
Google releases June Android security patches addressing 124 vulnerabilities, including 1 zero-day
The actively exploited vulnerability, identified as CVE-2025-48595, is a high-severity flaw in the Android Framework that allows local attackers to gain code execution and escalate privileges on devices running Android 14 or later.
AI, Exploits, Global Security News, Government & Policy
SideCopy group targets Afghanistan’s Ministry of Finance with Xeno RAT
The campaign commences with a spear-phishing email containing a ZIP archive with a malicious LNK file written in Pashto, designed to exploit the familiarity of the language within the Afghan government.
AI, Endpoint, Exploits, Global Security News, Network Security
HP Poly VoIP vulnerability sets the stage for executive voice deepfakes
HP has released patches for a critical buffer overflow vulnerability in multiple IP-enabled conference phones from its Poly Voice line. The flaw allows unauthenticated attackers to obtain root privileges on the underlying operating system, potentially enabling them to execute other attacks such as eavesdropping on conversations and recording voice data for AI-enabled impersonation attacks. The…
Exploits, Global Security News
Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited
Google on Monday released patches for 124 security vulnerabilities impacting its Android operating system for the month of June 2026, including one high-severity flaw in the Framework component that has come under active exploitation. Tracked as CVE-2025-48595 (CVSS score: 8.4), the security flaw has been described as a case of privilege escalation without requiring any…
AI, Apps, Exploits, Global Security News, malware, Russia
Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine
The Russian hacking group known as Gamaredon has been attributed to the continued exploitation of a WinRAR vulnerability to deliver multiple malware families aimed at data theft and propagation. Per Sekoia, the activity involves the weaponization of CVE-2025-8088, a path traversal flaw in WinRAR, to launch an HTML Application payload dubbed GammaPhish, which is then…
Cybersecurity, Exploits, Global Security News, Network Security
Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw impacting Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. The vulnerability, CVE-2024-21182 (CVSS score: 7.5), allows an unauthenticated attacker with network access to take control of susceptible servers. It was
AI, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Claude Code GitHub Actions Flaw Created Supply Chain Attack Risk
Organizations using Claude Code GitHub Actions should review their CI/CD environments after a researcher found vulnerabilities that could expose repositories to compromise and supply chain attacks. The flaws, which have since been patched, allowed attackers to bypass permission controls and inject untrusted input into trusted workflows. These vulnerabilities allow “… an attacker [to] bypass its…
AI, Cybersecurity, Exploits, Global Security News
DOD wants to integrate cyber in all operations, and integrate security into AI
The Pentagon is focusing on integrating cyber into all its operations, and wants to make sure it integrates security into artificial intelligence usage from the outset, the Defense Department’s top cyber policy official said Tuesday. Recent conflicts have made clear how important cyber is, said Katherine Sutton, assistant secretary for cyber policy and principal cyber…
AI, Cybersecurity, Exploits, Global Security News, malware
Instagram Account Hijacks Expose the Security Risks of AI-Powered Support
Attackers exploited Meta’s AI support chatbot to reset Instagram passwords and hijack accounts without accessing victims’ email inboxes. Attackers abused Meta’s AI-powered support chatbot to reset Instagram passwords and hijack accounts without accessing victims’ email inboxes. The issue affected several users, including high-profile accounts, before Instagram fixed the flaw. Security researcher Jane Wong and other…
AI, Apps, Compliance, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Google Patches Android Zero-Day Under Active Exploitation
Google has patched a high-severity Android zero-day vulnerability that attackers have already exploited in the wild. The issue affects multiple Android releases and serves as a reminder that mobile operating systems remain a valuable target for threat actors seeking access to sensitive enterprise and personal data. “There are indications that CVE-2025-48595 may be under limited,…
AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
U.S. CISA adds Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Palo Alto Networks PAN-OS flaw, tracked as CVE-2024-21182 (CVSS score of 7.5), to its Known Exploited Vulnerabilities (KEV) catalog. The CVE-2024-21182 flaw is an easily exploitable vulnerability affecting Oracle WebLogic…
AI, china, Compliance, Exploits, Global Security News, Risk Management, Russia, Venture
FIRESIDE CHAT: Deepfakes exploit human emotion, making employee reflex training essential
The wire transfer went through. The CFO on the video call looked right, sounded right, and gave the authorization — except there was no CFO on that call. Related: The industrializing of identity fraud Corporate deepfake attacks of that kind, executives impersonated to authorize fraudulent wire transfers, accounted for roughly $550 million of the $2.19…
AI, APAC, Cloud Security, Cybersecurity, Exploits, Global Security News, Government & Policy, Network Security
Anthropic expanding access to Project Glasswing
Anthropic is broadening access to its Project Glasswing program, adding approximately 150 organizations in 15 countries, the company announced Tuesday, as its restricted Claude Mythos Preview model has already surfaced more than 10,000 high- or critical-severity software vulnerabilities since the program launched in early April. The expansion follows an initial cohort of roughly 50 partners…
Data Breaches, Exploits, Global Security News, Risk Management
Tuskira Quell identifies, mitigates, and validates zero-day risk before breach
Tuskira launched Quell, its exposure-led zero-day defense capability. Quell helps enterprises survive the window between a zero-day’s disclosure and a patch by determining which zero-days are reachable in their environment, whether existing controls would stop them, and which compensating control change would disrupt the exploit immediately. Organizations using Tuskira have cut breachable exposure by up…
AI, Exploits, Global Security News, Network Security
Security at Cisco Live: Going Shields Up for the Agentic Era
In the post-Mythos era, AI makes exploits faster than ever. Cisco builds security right into your network and infrastructure, helping your organization stay resilient even when threats move faster than human response.
AI, Exploits, Global Security News, Government & Policy
CISA flags two-year-old Oracle flaw as actively exploited in attacks
CISA has ordered government agencies to secure their systems against a high-severity Oracle WebLogic Server vulnerability that was patched two years ago and is now actively exploited in attacks. […]
AI, Exploits, Global Security News
Google fixes actively exploited Android vulnerability (CVE-2025-48595)
Google has announced the June 2026 Android security updates, which fix a bucketload of vulnerabilities, including a high-severity vulnerability (CVE-2025-48595) in the Android Framework that “may be under limited, targeted exploitation.” About CVE-2025-48595 CVE-2025-48595 is an integer overflow vulnerability in the Android Framework, a set of APIs and system services that apps interact with directly.…
AI, Exploits, Global Security News
AI-Driven Exploitation is Destroying Vulnerability Management. Here’s How to Handle It.
AI-driven exploitation timelines are rapidly shrinking, and they are not going to stop shrinking. Vulnerabilities are being discovered, reproduced, and weaponized faster than ever in the history of enterprise security. As a result, the window between a vulnerability being disclosed and indiscriminate exploitation observed across the internet is now measured in hours, not days. The…
AI, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management
Attackers exploit Palo Alto GlobalProtect flaw days after disclosure
A Palo Alto Networks vulnerability that allows attackers to establish unauthorized VPN access into corporate networks is being actively exploited in the wild, weeks after the company disclosed the flaw as a medium-severity issue and said it was unaware of any attacks. However, according to Rapid7, threat actors began exploiting the bug within days of…
Exploits, Global Security News
Google fixes one actively exploited Android zero-day, 124 flaws
Google has released the June 2026 Android security patches to address 124 vulnerabilities, including one zero-day flaw exploited in targeted attacks. […]
AI, Compliance, Cybersecurity, Exploits, Global Security News, malware, Risk Management
Attack targeting OpenAI Codex users exposes AI software supply chain risks
A malicious npm package posing as a remote user interface for OpenAI Codex exfiltrated developer authentication tokens, after attackers allegedly published code to npm that was not visible in the project’s public GitHub repository. Researchers at Aikido said the package, called codexui-android, appeared to offer legitimate functionality while collecting authentication tokens and sending them to…
Exploits, Global Security News
Pretalx vulnerability allows account takeover and admin demotion
The vulnerability, with a CVSS score of 8.7, can be exploited with low privileges and complexity.
AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
Attackers are exploiting Palo Alto Networks defect that initially flew under the radar
Researchers and threat hunters are scrambling to respond to an actively exploited authentication-bypass vulnerability affecting Palo Alto Networks customers’ firewalls. The company initially tagged CVE-2026-0257 with a medium-severity rating when it disclosed the defect May 13, but quickly reassessed it as critical after Rapid7 observed and confirmed active exploitation in the wild. The Cybersecurity and…
Exploits, Global Security News
MokN raises $15 million to combat identity-based cyber threats
MokN’s approach utilizes ultra-realistic decoy access points, a technique they call “phish-back,” designed to trap threat actors and allow organizations to neutralize stolen credentials before they can be exploited.
AI, Exploits, Global Security News
PAN-OS authentication bypass bug added to list of exploited vulnerabilities
While NIST upgraded the bug to 9.1, experts say teams must focus more on how attackers can exploit this flaw to gain VPN access.
AI, Cybersecurity, Exploits, Global Security News, Network Security
Oracle’s first monthly patch release fixes 35 flaws, including 11 rated ‘critical’
Oracle has released the first security fixes in its new monthly Critical Security Patch Update (CSPU) cycle, designed to address urgent vulnerabilities that can’t wait for the company’s quarterly patching. The initial batch addresses 35 flaws, including several for which exploit code is publicly available. In total, there are 11 flaws rated ‘critical’, 18 rated…