Latest IntelligenceVulnerabilitiesPage 2
Search by keyword →
Hackers Are After the Gaps in Your Vulnerability Program: Here's Their Playbook
Threat actors are actively teaching newcomers how to find, exploit, and profit from vulnerable systems. Flare explores what a popular underground hacking tutori...
Cisco warns of critical Unified CM flaw with PoC exploit code
Cisco has released security updates to patch a critical-severity Unified Communications Manager (Unified CM) flaw that allows attackers to gain root privileges....
Acer working to patch max severity zero-days in Wave 7 routers
Acer is working to address two maximum-severity zero-day vulnerabilities affecting its Wave 7 mesh routers. [...]...
Police dismantles 9 crime groups in illegal streaming crackdown
European and international law enforcement agencies have dismantled nine organized crime groups and arrested 29 suspects in a major crackdown on illegal streami...
VS Code zero-day lets hackers steal GitHub tokens in one click
A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication t...
Critical Kirki flaw exploited to hijack WordPress admin accounts
Hackers are exploiting a critical privilege escalation vulnerability (CVE-2026-8206) in the Kirki plugin for WordPress to take over any user account, including ...
CISA flags two-year-old Oracle flaw as actively exploited in attacks
CISA has ordered government agencies to secure their systems against a high-severity Oracle WebLogic Server vulnerability that was patched two years ago and is ...
Euro-Office adds encrypted email provider Tuta ahead of public release
Tuta has announced that it has joined the Euro-Office project, a European initiative developing an open-source, cloud-based office suite designed to reduce depe...
Google fixes one actively exploited Android zero-day, 124 flaws
Google has released the June 2026 Android security patches to address 124 vulnerabilities, including one zero-day flaw exploited in targeted attacks. [...]...
Android June 2026 update patches actively exploited zero-day
Google has released the June 2026 Android security updates, addressing dozens of vulnerabilities across the mobile operating system, including a high-severity z...
Dashlane password manager users locked out by brute force attacks
Multiple Dashlane users have been locked out of their accounts following brute-force attacks that attempted logins from distant locations and unknown devices. [...
Brave’s new AgentStop system reduces wasted AI battery drain by 23%
Brave has introduced AgentStop, a new open-source system designed to reduce the energy consumed by local AI agents running on consumer hardware. The technology ...
Race Against Time: Why Faster Vulnerability Alerts Matter
Attackers are exploiting vulnerabilities faster than many organizations can identify and patch them. SecAlerts explains why faster vulnerability alerts can help...
Critical Windows Netlogon RCE flaw now exploited in attacks
The Centre for Cybersecurity Belgium (CCB), the country's national authority for cybersecurity, warned on Friday that threat actors are now exploiting a recentl...
WP Maps Pro bug exploited to create admin accounts on WordPress sites
Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue administrator accounts without auth...
Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks
Palo Alto Networks is warning that hackers are now exploiting a PAN-OS GlobalProtect authentication bypass flaw, tracked as CVE-2026-0257, in attacks attempting...
Chrome security update addresses 22 critical severity flaws
Google has released a major Chrome security update that fixes 151 vulnerabilities in the browser, including 22 critical-severity flaws. While no actively exploi...
Hackers exploit FortiClient EMS flaw to push infostealer malware
Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented cred...
New Gogs zero-day flaw lets hackers get remote code execution
An unpatched zero-day vulnerability in the Gogs self-hosted Git service can allow attackers to gain remote code execution (RCE) on Internet-facing instances. [....
DuckDuckGo sees 30% growth spike as Google forces AI on Search
DuckDuckGo says it experienced a significant spike in users following Google’s announcement of a sweeping AI-powered overhaul of Search at Google I/O 2026. Acco...