Articles tagged "Vulnerability"

Found 953 articles

Actively Exploited

Researchers at Sysdig have reported that hackers successfully exploited a significant vulnerability in Langflow, identified as a CVE, in under 20 hours. This rapid exploitation underscores the urgency for users and companies utilizing Langflow to act quickly. The vulnerability could allow attackers to gain unauthorized access or control, posing serious risks to data security. As the threat remains active, organizations relying on this software must prioritize patching and securing their systems to mitigate potential damage. The situation serves as a reminder of the importance of timely updates and vigilance in cybersecurity practices.

Read Original

ConnectWise has addressed a significant vulnerability (CVE-2026-3564) in its ScreenConnect remote access platform, which is widely used by managed service providers and IT departments. This flaw allows attackers to potentially hijack remote sessions by misusing ASP.NET machine keys to create forged authentication tokens. The vulnerability arises from inadequate verification of cryptographic signatures, making it possible for hackers to exploit the issue remotely. Organizations that utilize ScreenConnect, whether in cloud-hosted or on-premise configurations, need to prioritize applying the available patches to safeguard their systems. Failure to address this vulnerability could lead to unauthorized access to sensitive information and operations.

Read Original

The Interlock ransomware group has been exploiting a severe zero-day vulnerability in Cisco Secure Firewall Management Center software, identified as CVE-2026-20131, since January 26, prior to its public disclosure. This vulnerability allows for insecure deserialization, which can lead to unauthorized access and potential takeover of affected systems. Organizations using Cisco's Secure Firewall Management Center should be particularly vigilant, as the attacks have been ongoing for over a month, posing a significant risk to network security. The situation emphasizes the urgent need for timely security updates and monitoring to protect against such exploitation.

Read Original

ConnectWise has issued a warning about a serious vulnerability in its ScreenConnect software. This flaw allows attackers to extract ASP.NET machine keys, which could lead to unauthorized access to user sessions. Organizations using ScreenConnect could be at risk, as this vulnerability enables attackers to bypass authentication controls. Users should be aware of the potential for misuse of their systems and take immediate action to protect their data. It is crucial for affected parties to stay updated on this issue and implement necessary safeguards to prevent exploitation.

Read Original

Ubiquiti has addressed two vulnerabilities in its UniFi Network app, one of which is particularly serious and could allow attackers to take control of user accounts. This software is commonly used to manage various networking devices such as access points, switches, and gateways. The critical flaw poses a significant risk as it could lead to unauthorized access to sensitive user information and network settings. Users of UniFi products are urged to apply the latest patches to protect their systems. This incident serves as a reminder of the importance of keeping software up-to-date to mitigate potential security risks.

Read Original
Actively Exploited

Hackers associated with APT28, a group believed to be linked to the Russian military intelligence, are exploiting a vulnerability in the Zimbra Collaboration Suite (ZCS) to target Ukrainian government entities. This attack is part of ongoing cyber operations against Ukraine amid the broader conflict with Russia. The specific flaw being exploited allows attackers to gain unauthorized access, which could lead to significant data breaches or disruptions in government operations. The situation is critical, as it not only affects the security of Ukrainian governmental systems but also reflects the increasing use of cyber tactics in geopolitical conflicts. Ukrainian officials and cybersecurity experts are urging immediate action to patch the vulnerabilities and safeguard sensitive information.

Read Original

A Russian advanced persistent threat (APT) group has been exploiting a critical cross-site scripting (XSS) vulnerability in Zimbra, identified as CVE-2025-66376, with a severity score of 7.2. The attackers are sending HTML emails that contain insufficiently sanitized scripts, which execute when opened by users. This campaign specifically targets individuals in Ukraine, highlighting the ongoing cyber conflict in the region. The exploitation of this vulnerability could allow attackers to compromise user accounts and access sensitive information. Organizations using Zimbra should be particularly vigilant and take immediate action to secure their systems.

Read Original

Ubiquiti has addressed two vulnerabilities in its UniFi Network Application, including a serious flaw that could let attackers take control of user accounts. This vulnerability is particularly concerning as it affects the security of network management for users, potentially allowing unauthorized access to sensitive information and settings. Users of the application should ensure they update to the latest version to mitigate this risk. The company has emphasized the importance of applying these patches promptly to maintain network security. As cyber threats continue to evolve, staying updated with software patches is crucial for protecting against potential account takeovers.

Read Original

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about active exploitation of a recently patched vulnerability in SharePoint, identified as CVE-2026-20963. This remote code execution flaw allows attackers to run malicious code on affected systems, posing a significant risk to organizations using the software. Microsoft released a patch for this vulnerability back in January, but the discovery of in-the-wild exploitation suggests that some users may not have applied the update. Organizations using SharePoint should prioritize implementing the latest security updates to protect against potential breaches. Failing to address this vulnerability could lead to unauthorized access and data compromise, making it crucial for companies to stay vigilant and proactive in their cybersecurity practices.

Read Original

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has alerted government agencies about two significant security vulnerabilities affecting the Synacor Zimbra Collaboration Suite (ZCS) and Microsoft Office SharePoint. Both flaws, identified as CVE-2025-66376 and another not specified in the article, have been found to be actively exploited by attackers. The CVE-2025-66376 vulnerability has a CVSS score of 7.2, indicating a moderate to high risk. Organizations using these platforms are urged to apply the necessary patches to protect against potential attacks. The exploitation of these vulnerabilities underscores the need for timely updates and vigilance in cybersecurity practices, especially for government entities.

Read Original

A significant vulnerability in Cisco's Catalyst SD-WAN, identified as CVE-2026-20133, poses a serious risk that some organizations may be overlooking. Cybersecurity experts have expressed concern that security teams are focusing their attention on another vulnerability, CVE-2026-20127, which is a zero-day exploit. This could lead to a dangerous situation where the high-severity flaw is not addressed, leaving systems vulnerable to potential attacks. Organizations using Cisco SD-WAN products should be aware of this oversight, as failing to remediate the CVE-2026-20133 vulnerability could expose critical data and systems to exploitation. The urgency of addressing this issue cannot be overstated, especially as cyber threats continue to evolve rapidly.

Read Original
Actively Exploited

The Cybersecurity and Infrastructure Security Agency (CISA) has directed U.S. federal agencies to address a vulnerability in the Zimbra Collaboration Suite (ZCS) that is currently being exploited in the wild. This flaw allows for cross-site scripting attacks, which can enable attackers to execute malicious scripts in the context of a user's session. Affected organizations need to act quickly to secure their servers to prevent unauthorized access and data breaches. The urgency of this directive underscores the importance of maintaining up-to-date security practices, especially for government entities that handle sensitive information. Users of ZCS should ensure their systems are patched as soon as possible to mitigate the risk posed by this vulnerability.

Read Original

The Interlock ransomware gang has been actively exploiting a serious remote code execution vulnerability in Cisco's Secure Firewall Management Center (FMC) software since late January. This flaw, classified as having maximum severity, allows attackers to execute arbitrary code on affected systems, putting organizations at significant risk. Companies using this software should be particularly vigilant, as the vulnerability is being exploited in ongoing attacks. Cisco has not yet released a patch to address this issue, which raises concerns about the potential for widespread impact. Organizations relying on Cisco FMC should prioritize security measures and closely monitor any unusual activity to safeguard their networks.

Read Original
Actively Exploited

Amazon Threat Intelligence has issued a warning regarding an active ransomware campaign known as Interlock, which is exploiting a significant vulnerability in Cisco's Secure Firewall Management Center (FMC) Software. This vulnerability, identified as CVE-2026-20131, has a maximum severity score of 10.0 and stems from an insecure deserialization of user-supplied Java byte streams. This flaw could allow attackers to gain root access without authentication, posing a serious risk to organizations using affected Cisco products. The exploitation of this vulnerability is concerning as it enables unauthorized access, potentially leading to data breaches and system compromises. Companies using Cisco FMC Software must take immediate action to protect their systems from this ongoing threat.

Read Original

A new vulnerability identified as CVE-2026-3888 has been discovered in Ubuntu's snap package management system, allowing local users to escalate their privileges to root access through a timing-based exploit. This flaw poses a significant risk particularly for multi-user environments, as any local user could potentially gain complete control over the affected system. Ubuntu has not specified which versions are impacted, but users running the snap package system should be aware of this vulnerability. The implications of this flaw are serious, as it could enable attackers to manipulate system settings, install malicious software, or access sensitive information. Users are advised to monitor for updates from Ubuntu and apply patches as they become available.

Read Original
PreviousPage 39 of 64Next