Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog
Ravie LakshmananMar 06, 2026Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security...
2026Vulnerability
Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities
Ravie LakshmananMar 05, 2026Vulnerability / Enterprise Security Cisco has disclosed that two more vulnerabilities affecting Catalyst SD-WAN Manager (formerly SD-WAN...
CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog
Ravie LakshmananMar 04, 2026Vulnerability / Enterprise Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently...
Vulnerability Management vs. Patch Management Explained
Mar 3, 2026 Vulnerability Management vs. Patch Management Explained In cybersecurity, two of the most commonly referenced but often...
Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries
Ravie LakshmananMar 03, 2026Vulnerability / Artificial Intelligence The threat actor behind the recently disclosed artificial intelligence (AI)-assisted campaign targeting Fortinet...
Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited
Ravie LakshmananMar 03, 2026Vulnerability / Mobile Security Google on Monday disclosed that a high-severity security flaw impacting an open-source Qualcomm...
New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel
Ravie LakshmananMar 02, 2026Vulnerability / Artificial Intelligence Cybersecurity researchers have disclosed details of a now-patched security flaw in Google Chrome...
APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday
Ravie LakshmananMar 02, 2026Vulnerability / Threat Intelligence A recently disclosed security flaw patched by Microsoft may have been exploited by...
Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access
Ravie LakshmananFeb 26, 2026Vulnerability / Network Security A newly disclosed maximum-severity security flaw in Cisco Catalyst SD-WAN Controller (formerly vSmart)...
SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution
Ravie LakshmananFeb 25, 2026Vulnerability / Windows Security SolarWinds has released updates to address four critical security flaws in its Serv-U...
CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability
Ravie LakshmananFeb 25, 2026Vulnerability / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently...
CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog
Ravie LakshmananFeb 21, 2026Vulnerability / Patch Management The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added two security...
BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration
Ravie LakshmananFeb 20, 2026Vulnerability / Cyber Attack Threat actors have been observed exploiting a recently disclosed critical security flaw impacting...
Microsoft Patches CVE-2026-26119 Privilege Escalation in Windows Admin Center
Ravie LakshmananFeb 19, 2026Vulnerability / Network Security Microsoft has disclosed a now-patched security flaw in Windows Admin Center that could...
Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs
Ravie LakshmananFeb 18, 2026Vulnerability / Software Security Cybersecurity researchers have disclosed multiple security vulnerabilities in four popular Microsoft Visual Studio...
