More results...
The company has fixed several critical vulnerabilities that can be exploited for arbitrary code execution.
The post Patch Tuesday: Adobe Fixes 44 Vulnerabilities in Creative Apps appeared first on SecurityWeek.
SAP has released 26 new and one updated security notes on February 2026 security patch day.
The post SAP Patches Critical CRM, S/4HANA, NetWeaver Vulnerabilities appeared first on SecurityWeek.
SAP said the February 10, 2026 Patch Day delivered fixes across multiple SAP products and urged customers to apply patches with priority via the Support Portal to protect their SAP landscape. The highest-risk item highlighted this month is CVE-2026-048…
Internet‑exposed and vulnerable SolarWinds Web Help Desk (WHD) instances are under attack by threat actors looking to gain an initial foothold into target organizations’ networks, Microsoft and Huntress researchers have warned. Once inside, the a…
Affecting both RS and PRA, the bug can be exploited remotely via crafted requests without authentication.
The post BeyondTrust Patches Critical RCE Vulnerability appeared first on SecurityWeek.
A newly documented Windows vulnerability, CVE-2026-20817, impacts the Windows Error Reporting Service (WER) and enables local privilege escalation. The issue matters because WER runs as NT AUTHORITY\SYSTEM, so any mistake in its permission checks can b…
A serious security flaw has been discovered in Axios, one of the most popular HTTP client libraries for Node.js, allowing attackers to crash servers and trigger denial-of-service (DoS) attacks. The vulnerability, tracked as CVE-2026-25639, affects all …
Microsoft is currently tackling a significant service degradation within Exchange Online that is disrupting business communications by incorrectly flagging legitimate emails as phishing attempts. The incident, tracked under the identifier EX1227432, be…
A sophisticated new cyber campaign has been detected targeting Ivanti Endpoint Manager Mobile (EPMM) systems. Starting on February 4, 2026, threat actors began exploiting two critical vulnerabilities, CVE-2026-1281 and CVE-2026-1340, to plant dormant b…
A critical “zero-click” vulnerability in Claude Desktop Extensions (DXT) that allows attackers to compromise a computer using nothing more than a Google Calendar event. The flaw, which has been assigned a maximum severity score of CVSS 10/1…