Microsoft warns of new Defender zero-days exploited in attacks
… For example, type "Security" in the Search bar, then select the Windows Security program. …
Search
CISA orders feds to patch actively exploited Drupal vulnerability
… Cybersecurity and Infrastructure Security Agency CISA added the flaw to its Known Exploited Vulnerabilities KEV Catalog and ordered Federal Civilian Executive Branch FCEB agencies to patch their systems by midnight on Wednesday, May 27, as mandated by Binding Operational Directive BOD 22-01 . …
Max severity Cisco Secure Workload flaw gives Site Admin privileges
… Cybersecurity and Infrastructure Security Agency CISA added the CVE-2026-20182 flaw to its Known Exploited Vulnerabilities Catalog on May 14 and ordered federal agencies to secure affected devices within three days, by May 17. …
Drupal critical update to fix bug with high exploitation risk
Drupal critical update to fix bug with high exploitation risk By Bill Toulas May 20, 2026 08:52 AM Drupal has announced a "core security release" scheduled for later today, warning that threat actors might develop exploits within hours of the update disclosure. …
Palo Alto Networks firewall zero-day exploited for nearly a month
… Cybersecurity and Infrastructure Security Agency CISA also added the CVE-2026-0300 zero-day to its Known Exploited Vulnerabilities KEV Catalog and ordered Federal Civilian Executive Branch FCEB agencies to secure vulnerable firewalls by Saturday midnight, May 9. …
Exploit available for new DirtyDecrypt Linux root escalation flaw
… The Cybersecurity and Infrastructure Security Agency CISA added Copy Fail to its list of flaws exploited in attacks on May 1 and ordered federal agencies to secure their Linux devices within two weeks, by May 15. …
Exploit released for new PinTheft Arch Linux root escalation flaw
… Over the weekend, security researchers released PoC exploits targeting another recently patched Linux LPE tracked as DirtyDecrypt and DirtyCBC , which belongs to the same vulnerability class as several other root-escalation flaws, including Dirty Frag , Fragnesia , and Copy Fail . …
Trend Micro warns of Apex One zero-day exploited in the wild
… Cybersecurity and Infrastructure Security Agency CISA also added CVE-2026-34926 to its list of actively exploited vulnerabilities and ordered federal agencies to patch their devices by June 4. …
Ivanti warns of new EPMM flaw exploited in zero-day attacks
… Cybersecurity and Infrastructure Security Agency CISA gave U.S. government agencies 4 days to secure their systems against CVE-2026-1340 attacks. …
KnowledgeDeliver flaw exploited as a zero-day to install web shells
… The topics he writes about include malware, vulnerabilities, exploits and security defenses, as well as research and innovation in information security. His work has been published by Bitdefender, Netgear, The Security Ledger and Softpedia. …