More results...
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical server-side request forgery (SSRF) vulnerability affecting GitLab Community and Enterprise Editions to its Known Exploited Vulnerabilities (KEV) catalog. The flaw, tracked…
Two IP addresses accounted for the majority of the 1.4 million exploitation attempts observed over the past week.
The post Cryptominers, Reverse Shells Dropped in Recent React2Shell Attacks appeared first on SecurityWeek.
The critical-severity SolarWinds Web Help Desk flaw could lead to unauthenticated remote code execution.
The post Fresh SolarWinds Vulnerability Exploited in Attacks appeared first on SecurityWeek.
A coordinated reconnaissance campaign targeting Citrix ADC (NetScaler) Gateway infrastructure worldwide. The operation used over 63,000 residential proxy IPs and AWS cloud infrastructure to map login panels and enumerate software versions, a clear indi…
Wiz and Permiso have analyzed the AI agent social network and found serious security issues and threats.
The post Security Analysis of Moltbook Agent Network: Bot-to-Bot Prompt Injection and Data Leaks appeared first on SecurityWeek.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a newly disclosed vulnerability CVE‑2025‑40551 affecting SolarWinds Web Help Desk (WHD) to its Known Exploited Vulnerabilities (KEV) catalog. The flaw is rated critical because …
Google has released a new Stable Channel update for Chrome (version 144.0.7559.132/.133) on February 3, 2026, addressing two high‑severity vulnerabilities that could allow attackers to execute arbitrary code or cause system crashes. The update is rolli…
A high-severity vulnerability has been discovered in the Kubernetes ingress-nginx controller, allowing attackers to execute arbitrary code and potentially compromise entire clusters. Tracked as CVE-2026-24512, this high-severity flaw enables malicious …
The Django Software Foundation has issued emergency security patches addressing six critical vulnerabilities affecting multiple versions of the popular Python web framework. Released on February 3, 2026, the updates fix severe flaws that could enable a…
Threat actors are exploiting a critical remote code execution vulnerability in React Native’s Metro development server to deploy sophisticated malware payloads targeting software developers worldwide. The vulnerability, tracked as CVE-2025-11953 …