SonicWall customers are currently facing significant risks as attackers exploit two critical zero-day vulnerabilities. Researchers revealed that these flaws were actively targeted by hackers three weeks prior to SonicWall's disclosure and patching efforts. This means that many users may still be vulnerable to attacks if they haven't updated their systems. The exploitation of these vulnerabilities could lead to unauthorized access to sensitive information and compromise network security. It's crucial for organizations using SonicWall products to take immediate action to secure their systems against these threats.
Articles tagged "Exploit"
Found 571 articles
A recently discovered vulnerability in Cursor allows attackers to execute arbitrary code on users' systems without their consent. By creating a malicious repository containing a 'git.exe' file in the project root, attackers can exploit this flaw, which Cursor executes automatically when the repository is accessed. This puts users at significant risk, especially those who frequently interact with repositories from untrusted sources or do not have adequate security measures in place. As there is currently no patch available to fix this issue, users should be cautious when using Cursor and consider limiting their exposure to potentially harmful repositories. This vulnerability serves as a reminder of the importance of maintaining security hygiene in software development environments.
The Hacker News
Mozilla has rolled out updates for Firefox to fix two serious vulnerabilities that could be exploited by attackers. The flaws, identified as CVE-2026-15718 and CVE-2026-15719, involve issues with JavaScript: WebAssembly and site isolation in the DOM: Navigation component. Mozilla has warned users that exploit code for these vulnerabilities is already available publicly, increasing the urgency for users to update. It’s crucial for Firefox users to install these updates promptly to protect against potential attacks that could compromise their security and privacy. Keeping software up to date is a key defense against such risks.
Progress has confirmed that a zero-day vulnerability was behind the recent disruption of its ShareFile service. This issue specifically impacted customers using the Storage Zones Controller, who experienced access problems. To address the situation, Progress has rolled out a fix that these customers can apply to restore functionality. The existence of a zero-day exploit raises concerns about the security of the affected systems, as attackers could have potentially leveraged this vulnerability before it was patched. Users of ShareFile should prioritize applying the fix to mitigate any risks associated with this vulnerability.
SonicWall has reported that two zero-day vulnerabilities affecting its Secure Mobile Access (SMA) 1000 series appliances are currently being exploited. One of these vulnerabilities, identified as CVE-2026-15409, has a critical CVSS score of 10.0 and allows remote attackers to execute arbitrary commands through a server-side request forgery (SSRF). This means that attackers can potentially gain unauthorized access to sensitive systems. The exploitation of these vulnerabilities poses a significant risk to organizations using these appliances, as it could lead to severe security breaches. SonicWall's warning emphasizes the urgency for users to address these issues to protect their networks.
SAP has issued critical updates in July 2026 to fix several vulnerabilities, including a serious flaw in the SAP NetWeaver Application Server ABAP, identified as CVE-2026-44747. This vulnerability has a CVSS score of 9.9 and involves an out-of-bounds write issue that could allow an authenticated attacker to exploit memory management errors. If successfully executed, this could lead to memory corruption, potentially enabling attackers to expose or modify sensitive data. Organizations using the affected SAP NetWeaver Application Server should prioritize these updates to protect their systems from possible exploitation. Timely patching is crucial to maintaining the integrity and confidentiality of their data.
Help Net Security
SonicWall has identified two vulnerabilities in its Secure Mobile Access (SMA) 1000 Series appliances, known as CVE-2026-15409 and CVE-2026-15410, which are currently being exploited by attackers. The company is urging its customers to upgrade to a fixed firmware version immediately and to check for signs of compromise on their systems. If any indicators of compromise are found, SonicWall recommends that organizations re-image their hardware or redeploy their virtual appliances, change all user and administrator passwords, and reset any Time-based One-Time Password (TOTP) tokens. This situation raises concerns for organizations relying on these appliances for secure remote access, as attackers could exploit these vulnerabilities to gain unauthorized access to sensitive information. Swift action is essential to mitigate potential risks.
The article discusses a method called TTP chaining, which helps organizations assess their vulnerability to cyber attacks without the need to run potentially harmful exploits. Many organizations are unable to test their systems directly due to the risk involved, especially if the systems are critical. By validating the attack techniques that an exploit relies on, companies can better understand their security posture and determine the potential for exploitation. This approach allows for a safer evaluation of vulnerabilities, which is particularly important for organizations that cannot afford downtime or disruptions. It emphasizes the need for proactive security measures in a landscape where threats are constantly evolving.
A vulnerability linked to ClaudeBleed affects Chrome extensions, allowing them to access potentially sensitive information from users' Gmail and Calendar accounts. Despite eight patches being released, this flaw remains unaddressed, raising concerns for users who rely on these services. The issue stems from how extensions interact with the browser, which could lead to unauthorized data access. This poses a significant risk, as malicious extensions could exploit this vulnerability to harvest private data without user consent. Users of Chrome should be cautious about the extensions they install and regularly check for updates to ensure their security.
ABB has identified multiple vulnerabilities in its T-MAC Plus version 4.0-24 software, which could allow attackers to exploit the system in various ways. These vulnerabilities include issues like file disclosure, broken access controls, cross-site scripting (XSS), and an insecure network protocol that could lead to denial-of-service attacks. Affected users are urged to update to version 4.0-25, which contains fixes for these issues. The vulnerabilities are considered serious, with CVSS scores ranging from 7.4 to 9.9, indicating that they pose significant risks to security. Companies using this software should prioritize applying the update to protect their systems from potential exploitation.
ABB has identified a vulnerability, CVE-2026-31431, in its ABB Ability Edgenius platform, which affects versions 3.2.0.0 to 3.2.4.0. This vulnerability is linked to a flaw in the Linux kernel's cryptographic interface that could allow a locally authenticated user to gain elevated privileges, potentially leading to full control of the system. While there have been no reports of this vulnerability being exploited in the wild, ABB recommends that users update to version 3.2.4.1 to mitigate the risk. Users should also limit access to their systems to enhance security. This incident underscores the importance of timely software updates and access controls in protecting against potential exploits.
ABB has identified a vulnerability in its Advant Master Online Builder products that could allow unauthorized code execution due to improper handling of search paths for loading dynamic link libraries (DLLs). Affected versions include Control Builder A versions up to 1.4/4 and multiple iterations of 800xA for Advant Master. To mitigate the risk, ABB has released updates that resolve the vulnerability, advising users to upgrade to specific patched versions. Importantly, the vulnerability requires physical access to the system, which limits its exploitability. However, users are still urged to manage access strictly and enforce strong security practices to prevent potential exploitation.
CISA has issued a warning about active exploitation of several vulnerabilities in on-premises SharePoint Server instances, specifically CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164. These vulnerabilities allow attackers to execute remote code and potentially steal sensitive data from affected systems. All supported versions of SharePoint Server, including the Subscription Edition, 2019, and 2016, are at risk. Organizations are advised to monitor their SharePoint Servers for unusual activities and to apply the latest patches from Microsoft. Additional vulnerabilities have been identified but are not yet known to be exploited, emphasizing the need for prompt updates and hardening measures to prevent possible breaches.
SAP has issued a warning regarding 16 vulnerabilities in various products, with three of these classified as critical. The affected products include NetWeaver, Commerce Cloud, and AppRouter. These flaws could potentially allow attackers to exploit weaknesses in the systems, which is particularly concerning for organizations relying on these platforms for their operations. Users of these SAP products should take immediate action to address these vulnerabilities to protect their data and systems. The update comes as part of SAP's July 2026 security updates, emphasizing the ongoing need for vigilance in cybersecurity practices.
FIFA's network has been found to have significant vulnerabilities that could be accessed by individuals with minimal permissions. This raises serious security concerns about the integrity of sensitive information within FIFA's systems. The implications are broad, particularly for user data and operational security, as attackers could potentially exploit these weaknesses to gain unauthorized access. It is crucial for FIFA and similar organizations to address these vulnerabilities to protect against potential breaches and ensure the safety of their digital infrastructure. The situation highlights the need for ongoing security assessments in high-profile organizations.