SecurityWeek

BeyondTrust Vulnerability Targeted by Hackers Within 24 Hours of PoC Release

Threat actors began targeting a recently patched BeyondTrust vulnerability shortly after a proof-of-concept (PoC) exploit was released.

Microsoft Confirms Windows Is Under Attack — Update Now

Attackers have not waited for Exploit Wednesday; the Microsoft Windows zero-day attacks have already started. Here’s what you need to know and do.

CISA flags critical Microsoft SCCM flaw as exploited in attacks

CISA ordered federal agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager vulnerability patched in October 2024 and now exploited in attacks.
CRN

Microsoft Discloses ‘Extraordinarily High’ Number Of Zero-Day Vulnerabilities: Researcher

Microsoft’s monthly release of security updates Tuesday included fixes for six vulnerabilities that are considered to be ...

Microsoft releases urgent Office patch. Russian-state hackers pounce.

Russian-state hackers wasted no time exploiting a critical Microsoft Office vulnerability that allowed them to compromise the ...
SecurityWeek

Russia’s APT28 Rapidly Weaponizes Newly Patched Office Vulnerability

APT28 rushed to exploit the Office vulnerability CVE-2026-21509, with the first attacks observed just days after Microsoft announced fixes.
CRN

Cisco Discloses High-Severity Vulnerability, Exploit Code Released

The tech giant has provided a patch for the root escalation vulnerability, which affects a number of devices that run the Cisco Integrated Management Controller. Cisco disclosed a new high-severity ...
techtimes

Hackers Exploit Ivanti VPN Vulnerability, Revealing Latest Threats

Ivanti's enterprise VPN solution faces another instance of active exploitation due to a recent vulnerability, marking the third flaw discovered in Ivanti's Connect Secure VPN. One of the newly ...
TechRepublic

Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs

Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs Your email has been sent Volt Typhoon, a Chinese state-sponsored hacking group, has been caught ...
Infosecurity-magazine.com

Malicious Actors Exploit ProjectSend Critical Vulnerability

Public-facing instances of ProjectSend, an open-source file-sharing web application, have been exploited by attackers, according to vulnerability intelligence provider VulnCheck. ProjectSend was ...
Ars Technica

As if 2 Ivanti vulnerabilities under exploit weren’t bad enough, now there are 3

Mass exploitation began over the weekend for yet another critical vulnerability in widely used VPN software sold by Ivanti, as hackers already targeting two previous vulnerabilities diversified, ...
InfoWorld

Exploit released for CA product vulnerability

Code released just two days after CA warned customers and issued patch for security holes in its License Client and Server software Malicious hackers have released code that exploits a widespread ...