More results...
The Jenkins project released a critical security advisory addressing multiple vulnerabilities in its core automation server and the LoadNinja plugin. These flaws expose continuous integration and continuous deployment (CI/CD) environments to severe ris…
Navia Benefit Solutions has confirmed a significant data breach impacting nearly 2.7 million individuals. The incident resulted from unauthorised access to the company’s systems, exposing sensitive personal and health plan information. As a promi…
Latest ScreenConnect version adds encrypted storage and management to prevent unauthorized access to machine keys.
The post Critical ScreenConnect Vulnerability Exposes Machine Keys appeared first on SecurityWeek.
Insufficient sanitization of CSS content within HTML emails leads to inline script execution when the message is opened in a browser.
The post Russian APT Exploits Zimbra Vulnerability Against Ukraine appeared first on SecurityWeek.
CVE-2026-20963, a remote code execution (RCE) SharePoint vulnerability Microsoft fixed in January 2026, is being exploited by attackers. The confirmation comes from the US Cybersecurity and Infrastructure Security Agency (CISA), which added the flaw to…
A recent campaign has targeted improperly secured Open WebUI systems, allowing threat actors to deploy malicious artificial intelligence payloads. Open WebUI is a highly popular self-hosted interface designed to enhance large language models. Shodan sc…
The SharePoint remote code execution vulnerability CVE-2026-20963, which Microsoft patched in January, has been exploited in the wild.
The post CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability appeared first on SecurityWeek.
Amazon found evidence that the FMC software vulnerability has been exploited since late January, and found links to Russia.
The post Cisco Firewall Vulnerability Exploited as Zero-Day in Interlock Ransomware Attacks appeared first on SecurityWeek.
The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical vulnerability affecting the Zimbra Collaboration Suite (ZCS) to its Known Exploited Vulnerabilities (KEV) catalog. Federal agencies and organizations using the …
ConnectWise has released a critical security update for its ScreenConnect remote desktop software to address a severe vulnerability that allows attackers to hijack user sessions. The flaw, which compromises the protection of server-level cryptographic …