Articles tagged "Vulnerability"

Found 937 articles

A newly discovered zero-click attack is targeting WhatsApp accounts on iPhones running iOS 16, allowing attackers to take control of accounts without any user interaction or warning. This means that users can find their accounts sending unauthorized messages, often asking contacts for money transfers, without realizing they’ve been compromised. The attack is particularly concerning because it does not require any linked devices, making it harder for users to identify or prevent the intrusion. As this vulnerability is actively exploited, users of WhatsApp on iOS 16 need to be vigilant and take precautions to protect their accounts. This incident highlights the ongoing challenges of mobile security and the importance of being cautious about unsolicited messages and requests.

Read Original

A significant security vulnerability has been identified in Ghost CMS, specifically a SQL injection flaw labeled CVE-2026-26980. Attackers are exploiting this weakness to inject harmful JavaScript code, which activates ClickFix attack flows across numerous websites utilizing this content management system. This exploitation poses a serious risk to users by potentially compromising their data and functionality of affected sites. Ghost CMS users, particularly those running outdated versions, should take immediate action to secure their systems. This incident highlights the ongoing need for vigilance in web security and the importance of keeping software up to date.

Read Original
Critical
RondoDox Botnet Exploits Critical 2018 Vulnerability to Hijack ASUS Routers

Hackread – Cybersecurity News, Data Breaches, AI and More

Actively Exploited

Hackers are exploiting a significant vulnerability from 2018 to take control of over a million ASUS routers. According to VulnCheck, this flaw allows attackers to bypass authentication mechanisms, making it easier for them to hijack affected devices. The vulnerability impacts various ASUS router models, posing a risk to users who may unknowingly have their networks compromised. This incident is concerning because it shows how older vulnerabilities can still be leveraged for large-scale attacks, highlighting the need for users to regularly update their devices and apply security patches. Failure to address these vulnerabilities could lead to unauthorized access and further exploitation of personal or sensitive information.

Read Original

A new vulnerability, dubbed 'Underminr', affects around 88 million domains, allowing attackers to hide malicious connections behind trusted domain names. This exploit can bypass DNS filtering mechanisms, making it easier for cybercriminals to manage command-and-control traffic without detection. As a result, organizations that rely on these domains for security may be at greater risk of compromise. The vulnerability raises concerns about the effectiveness of current DNS security measures, as attackers can leverage this flaw to blend in with legitimate traffic. Companies and system administrators are urged to review their DNS filtering strategies to mitigate potential risks associated with this vulnerability.

Read Original
LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

The Hacker News

Actively Exploited

A severe security vulnerability has been discovered in the LiteSpeed User-End cPanel Plugin, identified as CVE-2026-48172, which has a maximum CVSS score of 10.0. This flaw allows attackers to exploit incorrect privilege assignments, enabling them to execute arbitrary scripts with root privileges. As a result, any cPanel user, including potential attackers or compromised accounts, can take advantage of this vulnerability. The ongoing exploitation of this flaw poses significant risks to server security and data integrity, making it crucial for affected users to take immediate action. The situation emphasizes the need for vigilance among web hosts and cPanel users to prevent unauthorized access and maintain secure environments.

Read Original
Actively Exploited

Drupal has issued a warning about a significant SQL injection vulnerability that is currently being targeted by hackers. This flaw, which was announced earlier in the week, poses a serious risk to websites running on the Drupal content management system. Attackers can exploit this vulnerability to gain unauthorized access to databases, potentially leading to data breaches or site compromises. Users and administrators of Drupal sites are urged to take immediate action to secure their systems, as the risk of exploitation is high. It is crucial for affected parties to stay vigilant and apply any available patches to mitigate this threat.

Read Original

The Cybersecurity and Infrastructure Security Agency (CISA) has introduced a new nomination form that allows researchers, vendors, and industry partners to report known exploited vulnerabilities. This initiative aims to enhance collaboration between CISA and the cybersecurity community by providing a direct channel for submitting vulnerabilities for consideration in the Known Exploited Vulnerabilities (KEV) catalog. While the new form streamlines reporting, organizations can still use email to submit vulnerabilities if they prefer. This move is significant as it encourages more proactive engagement from the cybersecurity community, which is essential for identifying and mitigating threats more effectively.

Read Original
Actively Exploited

TrendAI has addressed a serious vulnerability in its Apex One security software, identified as CVE-2026-34926. This flaw is a directory traversal issue that could be exploited by attackers to gain unauthorized access to files on the system. The vulnerability specifically affects the on-premise version of Apex One, which is used by various organizations for endpoint security. Given that this vulnerability has been exploited in the wild, it poses a significant risk to users who have not yet applied the necessary updates. Companies using Apex One should prioritize applying the latest patches to safeguard their systems against potential breaches.

Read Original
Actively Exploited

A newly discovered vulnerability, identified as CVE-2024-12802, affects SonicWall Gen6 SSL-VPN appliances. This security flaw allows attackers to bypass multi-factor authentication (MFA) by using a specific user principal name (UPN) login format. Organizations using these appliances could be at risk, as this vulnerability may enable unauthorized access to sensitive systems. Companies that rely on SonicWall for secure remote access should take immediate action to assess their exposure to this threat. Given the critical role of MFA in securing remote connections, this issue underscores the need for vigilance and prompt remediation.

Read Original

A nine-year-old vulnerability in the Linux kernel, specifically related to the ptrace system call, has been identified by security researchers at Qualys. This flaw can allow attackers with local access to leak sensitive information, including SSH keys and password hashes. The issue affects various Linux distributions and could potentially be exploited by users who already have access to the system. This highlights a significant security risk as it can enable further attacks or unauthorized access if sensitive credentials are compromised. System administrators should prioritize reviewing their systems for this vulnerability and implementing necessary security measures to protect against potential exploitation.

Read Original

Microsoft has reported that two vulnerabilities in its Defender software are currently being exploited. The first, identified as CVE-2026-41091, is a privilege escalation flaw that has a CVSS score of 7.8, meaning it poses a significant risk. If successfully exploited, attackers could gain SYSTEM privileges, which would allow them to control the affected systems. The second vulnerability is a denial-of-service flaw, though specific details about its CVE designation weren't provided. These vulnerabilities affect Microsoft Defender, and users of the software should be vigilant as attackers are actively exploiting these flaws in the wild. It's crucial for individuals and organizations to take immediate action to secure their systems.

Read Original

Google has recently patched over 200 vulnerabilities in its Chrome browser, with many of these issues reported by its own security teams. This uptick in discoveries is believed to be largely driven by advancements in artificial intelligence, which has enhanced the company's ability to identify and address security flaws. Users of Chrome should be aware that while these vulnerabilities have been fixed, the sheer volume underscores the ongoing challenges in maintaining browser security. Keeping Chrome updated is crucial to protect against potential exploitation of these vulnerabilities. This situation highlights the importance of continuous vigilance in cybersecurity, especially for widely used software like Chrome.

Read Original

Researchers have revealed a vulnerability in the Linux kernel, identified as CVE-2026-46333, which has remained unnoticed for nine years. This flaw involves improper privilege management, allowing unprivileged local users to access sensitive files and execute commands with root privileges on default installations of several major Linux distributions. The vulnerability has a CVSS score of 5.5, indicating a moderate severity level. Affected users include those running various Linux distributions, which could expose them to significant risks if exploited. It's crucial for system administrators and users to be aware of this vulnerability and take appropriate action to secure their systems.

Read Original
Actively Exploited

GitHub has reported a security breach affecting 3,800 of its internal repositories. The breach was linked to a compromised version of the Nx Console extension for Visual Studio Code, which was part of a recent supply-chain attack involving TanStack npm packages. This incident highlights the vulnerability of software supply chains, where attackers can exploit trusted tools to gain unauthorized access to sensitive code and data. Developers using the affected extension are particularly at risk, as the malicious version could have allowed hackers to infiltrate their systems and steal valuable information. GitHub is likely working to mitigate the fallout and prevent future incidents, but this breach serves as a reminder for all developers to be vigilant about the tools they use.

Read Original

Drupal has issued urgent security updates to address a serious vulnerability in Drupal Core, identified as CVE-2026-9082. This flaw can allow attackers to execute malicious code remotely, escalate privileges, or disclose sensitive information on PostgreSQL sites. With a CVSS score of 6.5, the vulnerability affects users relying on Drupal's database abstraction API. This issue is particularly concerning for organizations using Drupal for their web applications, as the potential for exploitation could lead to significant data breaches or system compromises. Users are strongly advised to apply the available security updates promptly to mitigate the risk.

Read Original
PreviousPage 16 of 63Next