VulnHub

A new vulnerability in FreeScout, identified by researchers at Ox Security, allows attackers to execute remote code without any user interaction, a situation referred to as a zero-click exploit. This flaw, dubbed Mail2Shell, could enable malicious actors to take control of FreeScout systems, putting organizations that use this customer support platform at risk. Users of FreeScout should be particularly vigilant, as this vulnerability could lead to unauthorized access and data breaches. The lack of user interaction required for the exploit makes it especially concerning, as it can be executed without any action from the target. Organizations are urged to monitor their systems closely and apply any available updates to mitigate potential risks from this vulnerability.

Recent zero-day vulnerabilities in Ivanti's Endpoint Manager Mobile (EPMM) have sparked renewed concern among cybersecurity experts. These flaws, which can be exploited by attackers, could potentially compromise sensitive data in mobile devices managed by the software. Organizations using EPMM must act quickly to secure their systems, as these vulnerabilities are already being exploited in the wild. Experts are urging a shift away from simply applying patches and towards more robust security measures, including better authentication controls and reducing unnecessary public interfaces. The urgency of the situation emphasizes the need for businesses to prioritize security and stay updated with the latest patches and practices.

Flashpoint has reported a significant decrease in the time it takes for vulnerabilities to be exploited after they are disclosed. This trend indicates that attackers are increasingly quick to take advantage of known flaws, especially N-Day vulnerabilities, which are issues that have been publicly disclosed but not yet patched by users. This shift poses a serious risk for organizations that may not act swiftly enough to secure their systems. The rapid exploitation can lead to increased incidents of data breaches and cyberattacks, affecting both businesses and their customers. Companies need to prioritize their patch management processes to mitigate these risks and protect sensitive information.

Microsoft has recently patched six zero-day vulnerabilities, which are serious security flaws that attackers can exploit to gain unauthorized access. Users are typically urged to update their systems immediately to protect against such threats. However, some experts are advising caution, suggesting that these patches might cause issues or conflicts with existing software. This situation leaves many users in a challenging position as they weigh the risks of applying the updates against the potential vulnerabilities. It's important for individuals and organizations to assess their specific environments before proceeding with the updates to ensure they don't inadvertently create new problems.

In February 2026, Microsoft addressed over 50 security vulnerabilities during its Patch Tuesday update, including six zero-day flaws that were actively exploited by attackers. Notably, three of these zero-days involve security feature bypasses. One of the vulnerabilities, identified as CVE-2026-21513, impacts the MSHTML/Trident browser engine used in Internet Explorer on Windows, while CVE-2026-21514 affects Microsoft Word. Attackers can exploit these vulnerabilities by tricking users into opening malicious files or links. As these security holes are actively being exploited, users and organizations must apply the updates promptly to protect their systems from potential breaches.

During Pride Month, attackers are sending out phishing emails that appear to come from trusted email services like SendGrid. These emails are designed to trick employees into revealing their login credentials. The phishing attempts are happening worldwide, making this a widespread issue that could compromise sensitive information across various organizations. Employees should be cautious and verify the authenticity of such emails before clicking on any links or providing personal information. This incident raises concerns about how attackers exploit timely themes to manipulate users and highlights the need for enhanced email security protocols in workplaces.

Dutch agencies, including the Data Protection Authority and the Council for the Judiciary, have confirmed cyberattacks that exploited vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM). These attacks resulted in the exposure of employee contact data. The flaws in Ivanti EPMM were recently disclosed, allowing attackers to breach the systems of these government bodies. This incident raises concerns about the security of sensitive personal information and the potential for further exploitation of these vulnerabilities. Authorities have reported the incidents to parliament, emphasizing the need for improved security measures in public sector agencies.

A Chinese cyber group known as UNC3886 has targeted Singapore's four major telecom providers using advanced techniques, including rootkits and a zero-day exploit. Fortunately, the attack did not disrupt services or compromise customer data. This incident raises concerns about the security of essential infrastructure, as telecom providers play a critical role in national communication systems. While no direct impact on users was reported, the use of sophisticated methods by attackers emphasizes the need for ongoing vigilance and robust security measures within the telecommunications sector. Companies must remain alert to such threats and ensure their defenses are up to date.

The Dutch Data Protection Authority and the Council for the Judiciary have confirmed that their systems were compromised due to a zero-day exploit of Ivanti Endpoint Manager Mobile (EPMM). This vulnerability, recently disclosed, allowed attackers to access sensitive employee contact information. The breach was reported to parliament on January 29, indicating that it poses a significant risk to the privacy of individuals whose data was exposed. The incident underscores the importance of timely patching and system security, as organizations are urged to address these vulnerabilities to protect against future attacks.

In February 2026, a significant security update was released that addressed 59 Common Vulnerabilities and Exposures (CVEs), including six zero-day vulnerabilities. These vulnerabilities could allow attackers to gain unauthorized access or execute malicious code on affected systems. Various products from multiple vendors are impacted, which means a wide range of users, including businesses and individual consumers, could be at risk. The presence of zero-day vulnerabilities indicates that attackers could exploit these weaknesses before users have the chance to apply the necessary patches. Companies and users are urged to update their systems promptly to mitigate potential risks associated with these vulnerabilities. Ignoring these updates could expose them to serious security breaches.