More results...
The vulnerability is tracked as CVE-2025-32975 and it may have been exploited in attacks against the education sector.
The post Critical Quest KACE Vulnerability Potentially Exploited in Attacks appeared first on SecurityWeek.
Because attacker-supplied flow data is used in public flows, the bug leads to unauthenticated remote code execution.
The post Critical Langflow Vulnerability Exploited Hours After Public Disclosure appeared first on SecurityWeek.
Insufficient sanitization of CSS content within HTML emails leads to inline script execution when the message is opened in a browser.
The post Russian APT Exploits Zimbra Vulnerability Against Ukraine appeared first on SecurityWeek.
The SharePoint remote code execution vulnerability CVE-2026-20963, which Microsoft patched in January, has been exploited in the wild.
The post CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability appeared first on SecurityWeek.
Amazon found evidence that the FMC software vulnerability has been exploited since late January, and found links to Russia.
The post Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks appeared first on SecurityWeek.
The company has developed an AI-powered platform that autonomously discovers and validates software vulnerabilities.
The post Autonomous Offensive Security Firm XBOW Raises $120M at $1B+ Valuation appeared first on SecurityWeek.
Tracked as CVE-2025-47813, the flaw leads to the disclosure of the full local installation path of the application.
The post CISA Flags Year-Old Wing FTP Vulnerability as Exploited appeared first on SecurityWeek.
The flaws can be exploited to manipulate data and bypass security restrictions, potentially leading to code execution.
The post Chrome 146 Update Patches Two Exploited Zero-Days appeared first on SecurityWeek.
CISA has added the high-severity authentication bypass vulnerability to its KEV list, along with SolarWinds and Workspace One bugs.
The post Recent Ivanti Endpoint Manager Flaw Exploited in Attacks appeared first on SecurityWeek.
WatchTowr reports seeing exploitation attempts for CVE-2026-20127 from numerous unique IP addresses.
The post Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited appeared first on SecurityWeek.