MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks
Ravie LakshmananMay 05, 2026Vulnerability / Network Security Threat actors are actively exploiting a critical security flaw impacting an open-source content...
exploiting
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
Ravie LakshmananApr 18, 2026IoT Security / Vulnerability Threat actors are exploiting security flaws in TBK DVR and end‑of‑life (EoL) TP-Link...
Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched
Ravie LakshmananApr 17, 2026Vulnerability / Endpoint Security Huntress is warning that threat actors are exploiting three recently disclosed security flaws...
Hackers Exploit Adobe PDF Flaw for Months to Steal Data, No Fix Yet
Image: Generated via Google’s Nano Banana Attackers have been exploiting a zero-day vulnerability in Adobe Acrobat Reader for months, using...
Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025
Ravie LakshmananApr 09, 2026Vulnerability / Threat Intelligence Threat actors have been exploiting a previously unknown zero-day vulnerability in Adobe Reader...
Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed
Threat actors are exploiting a maximum-severity security flaw in Flowise, an open-source artificial intelligence (AI) platform, according to new findings...
Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials
Ravie LakshmananApr 02, 2026Vulnerability / Threat Intelligence A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection...
International police Operation Alice take down 373,000 dark web sites exploiting children
International police Operation Alice take down 373,000 dark web sites exploiting children Pierluigi Paganini March 23, 2026 Operation Alice: Police...
Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems
Ravie LakshmananMar 23, 2026Vulnerability / Endpoint Security Threat actors are suspected to be exploiting a maximum-severity security flaw impacting Quest...
Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure
Interlock group exploiting the CISCO FMC flaw CVE-2026-20131 36 days before disclosure Pierluigi Paganini March 19, 2026 The Interlock ransomware...
Fake Claude Code Spreads Malware to Windows, macOS Users
Image: Rawpixel/Envato Threat actors are exploiting a common developer habit — copying installation commands directly from websites — to distribute...
Microsoft warns of ClickFix campaign exploiting Windows Terminal to deliver Lumma Stealer
Microsoft warns of ClickFix campaign exploiting Windows Terminal to deliver Lumma Stealer Pierluigi Paganini March 06, 2026 Microsoft warns of...
BeyondTrust Flaw Used for Web Shells, Backdoors, and Data Exfiltration
Ravie LakshmananFeb 20, 2026Vulnerability / Cyber Attack Threat actors have been observed exploiting a recently disclosed critical security flaw impacting...
Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package
Ravie LakshmananFeb 03, 2026Open Source / Vulnerability Threat actors have been observed exploiting a critical security flaw impacting the Metro...
