…On January 12, CISA confirmed Wiz's report that the CVE-2025-8110 was under active exploitation and added the security flaw to its catalog of vulnerabilities exploited in the wild, ordering…
…Researchers at WordPress security company Defiant observed that threat actors are trying to exploit the vulnerability, and blocked more than 3,600 attempts over the past 24 hours. “When the request is…
…Cybersecurity and Infrastructure Security Agency (CISA) also added the CVE-2026-0300 zero-day to its Known Exploited Vulnerabilities (KEV) Catalog and ordered Federal Civilian Executive Branch (FCEB) agencies to secure vulnerable…
…Attackers exploiting the vulnerability could execute commands on the server as well as access Exim data and emails, and potentially pivot further into the environment depending on server permissions and configuration. XBOW…
…exploited in the wild File read flaw in Smart Slider plugin impacts 500K WordPress sites Actively Exploited Authentication Bypass Plugin Vulnerability WordPress Bill Toulas Bill Toulas is a tech writer and infosec…
…Apart from this case, Google notes that Chinese and North Korean hackers, such as APT27, APT45, UNC2814, UNC5673, and UNC6201, have been using AI models for vulnerability discovery and exploit development, continuing…
…race condition vulnerability. The researcher shared a proof-of-concept exploit on Tuesday afternoon in a self-hosted Git repository after saying that GitHub and GitLab repositories hosting their exploits had previously…
…flaw exploited as a zero-day to install web shells Exploit Chain RCE Remote Code Execution Scanner Ubiquiti Ubiquiti Unifi Vulnerability Scanner Bill Toulas Bill Toulas is a tech writer and infosec…
…Weaver E-cology critical bug exploited in attacks since March Actively Exploited Drupal PostgreSQL SQL Injection Vulnerability Bill Toulas Bill Toulas is a tech writer and infosec news reporter with over a…
…The attacker disguised the malware as an update for Fortinet endpoints and executed it through VPN scripting workflows managed by FortiClient. The exploited critical vulnerability is an improper access control flaw that…