Latest IntelligenceVulnerabilitiesPage 19
Search by keyword →Oracle Patches 450 Vulnerabilities With April 2026 CPU
The company released 481 new security patches across 28 product families, including over 300 fixes for remotely exploitable, unauthenticated flaws. The post Ora...
Over 1,300 Microsoft SharePoint servers vulnerable to spoofing attacks
Over 1,300 Microsoft SharePoint servers exposed online remain unpatched against a spoofing vulnerability that was exploited as a zero-day and is still being abu...
Exploits Turn Windows Defender into Attacker Tool
Three proof-of-concept exploits are being used in active attacks against Microsoft's built-in security platform; two are unpatched....
Surge in Bomgar RMM Exploitation Demonstrates Supply Chain Risk
The critical remote code execution flaw (CVE-2026-1731) in the remote monitoring and management tool can be exploited to spread ransomware and compromise supply...
Google Fixes Critical RCE Flaw in AI-Based 'Antigravity' Tool
The prompt-injection vulnerability in the agentic AI product for filesystem operations was a sanitization issue that allowed for sandbox escape and arbitrary co...
Unsecured Perforce Servers Expose Sensitive Data From Major Orgs
Things are improving, but a researcher has still identified over 1,500 Perforce P4 instances allowing attackers to read files on the server. The post Unsecured ...
Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster
The security defects could be exploited for remote code execution, OS command injection, and WAF detection bypass. The post Progress Patches Multiple Vulnerabil...
UK probes Telegram and other chat apps over child safety failures
The UK’s communications regulator Ofcom has opened formal investigations into Telegram, Teen Chat, and Chat Avenue over concerns they are failing to prevent the...
Google Fixes Critical RCE Flaw in AI-Based Antigravity Tool
The prompt injection vulnerability in the agentic AI product for filesystem operations was a sanitization issue that allowed for sandbox escape and arbitrary co...
Hackers Fail to Exploit Flaw in Discontinued TP-Link Routers
In-the-wild exploitation has been ongoing for a year, but no successful payload execution has been observed. The post Hackers Fail to Exploit Flaw in Discontinu...
OpenAI Expands Cyber Defense Program With GPT-5.4-Cyber Access for Trusted Organizations
OpenAI has officially launched the expanded phase of its Trusted Access for Cyber program. Granting select organizations access to its specialized GPT-5.4-Cyber...
Researcher Uses Claude Opus to Build a Working Chrome Exploit Chain
Amidst the heated debate surrounding Anthropic’s recent announcement of its Mythos and Project Glasswing models, a security researcher has demonstrated the tang...
Nexcorium-Associated Mirai Variant Uses TBK DVR Exploit to Scale Botnet Operations
A new iteration of the notorious Mirai botnet, dubbed Nexcorium, has emerged in the wild, aggressively targeting internet-connected video recording devices. Acc...
PoC Exploit Released for FortiSandbox Vulnerability that Allows Attacker to Execute Commands
A proof-of-concept (PoC) exploit has been publicly released for a critical vulnerability in Fortinet’s FortiSandbox product, tracked as CVE-2026-3980...
How NIST's Cutback of CVE Handling Impacts Cyber Teams
Industry and ad hoc coalitions appear poised to help fill the gap created by NIST's decision to cut back on CVE data enrichment....
Hackers Target TP-Link Routers With Mirai Malware in CVE-2023-33538 Exploitation Attempts
A known security flaw in several end-of-life TP-Link Wi-Fi routers is being actively targeted by hackers trying to install Mirai-based botnet malware on vulnera...
Every Old Vulnerability Is Now an AI Vulnerability
AI's danger isn't that it's creating new bugs, it's that it's amplifying old ones....
In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested
Other noteworthy stories that might have slipped under the radar: ShinyHunters targets Rockstar Games, ShowDoc vulnerability exploited in the wild, and EPA to b...
Recent Apache ActiveMQ Vulnerability Exploited in the Wild
The remote code execution vulnerability tracked as CVE-2026-34197 came to light in early April. The post Recent Apache ActiveMQ Vulnerability Exploited in the W...
CISA flags Apache ActiveMQ flaw as actively exploited in attacks
CISA warned that attackers are now exploiting a high-severity Apache ActiveMQ vulnerability, which was patched earlier this month after going undetected for 13 ...