WinRAR Flaw Exploited by Russia-Aligned Groups to Deploy Stealers in Ukraine
Ravie LakshmananJun 09, 2026Vulnerability / Cyber Espionage Two Russia-aligned cyber attack campaigns have continued to exploit a security flaw in...
2026Vulnerability
Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild – Patch Now
Ravie LakshmananJun 09, 2026Vulnerability / Browser Security Google has released security updates to address 74 vulnerabilities, including one that has...
LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE
Ravie LakshmananJun 09, 2026Vulnerability / Artificial Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity...
Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups
Ravie LakshmananJun 08, 2026Vulnerability / Network Security Check Point has warned of active exploitation of a critical vulnerability impacting Remote...
CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog
Ravie LakshmananJun 06, 2026Vulnerability / Patch Management The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security...
AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs
Swati KhandelwalJun 06, 2026Vulnerability / Endpoint Security Two things landed within days of each other this week. A security startup...
Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available
Ravie LakshmananJun 06, 2026Vulnerability / Network Security Cisco has warned that a high-severity security flaw impacting Catalyst SD-WAN Manager has...
Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public
Swati KhandelwalJun 04, 2026Vulnerability / Network Security Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated...
Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
Swati KhandelwalJun 04, 2026Vulnerability / AI Security A security researcher found a flaw in Anthropic's Claude Code GitHub Action that...
WhatsApp, Slack Notifications Could Hijack Google Gemini on Android
Swati KhandelwalJun 03, 2026Vulnerability / Artificial Intelligence A single poisoned notification from WhatsApp, Slack, SMS, Signal, Instagram, or Messenger could...
One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens
Ravie LakshmananJun 03, 2026Vulnerability / Software Development Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS...
Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes
Ravie LakshmananJun 03, 2026Vulnerability / Network Security Cybersecurity researchers have disclosed details of an unpatched issue that could be exploited...
New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare
Ravie LakshmananJun 03, 2026Vulnerability / Server Security Cybersecurity researchers have discovered a remote denial-of-service exploit that affects major web servers,...
Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited
Ravie LakshmananJun 02, 2026Vulnerability / Mobile Security Google on Monday released patches for 124 security vulnerabilities impacting its Android operating...
Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation
Ravie LakshmananJun 02, 2026Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity...