Technology ❯ Cybersecurity ❯ Threats

Exploits

Remote Code Execution Zero-Day Vulnerabilities Proof of Concept CVE Vulnerabilities Command Injection CVE-2025-14733 Remote Attacks Critical Vulnerabilities CVE-2025-59287 Malware

PolyShell Flaw Puts Magento Stores at Risk as Fix Remains Pre-Release

With no production patch, Sansec urges urgent mitigations.

Stories older than 24h

Ubuntu Patches High-Severity Snapd Flaw Enabling Local Root on Desktop 24.04+

Google Rushes Chrome 146 Update to Patch Two Zero‑Days Exploited in the Wild

SolarWinds Releases Serv-U 15.5.4 to Fix Four Critical Remote Code Execution Flaws

New Public Exploit Targets Chrome Zero‑Day CVE-2026-2441, Heightening Patch Urgency

Google Rushes Patch for Chrome Zero‑Day Exploited in the Wild

Public Exploits Detail n8n Sandbox Escape That Lets Workflow Users Take Over Servers

EDR Killer Abuses Revoked EnCase Driver to Disable 59 Security Tools

SolarWinds Releases Web Help Desk 2026.1 to Fix Critical RCE and Authentication Bypass Flaws

Fortinet Begins Patching Actively Exploited FortiCloud SSO Bypass as CISA Sets Jan. 30 Deadline

Researchers Expose Gemini Calendar Data Leak via Malicious Invites as Google Rolls Out Mitigations

WordPress Modular DS Flaw Under Active Attack as Patch Ships to Block Admin Takeovers

Palo Alto Patches GlobalProtect DoS Flaw That Can Force Firewalls Into Maintenance Mode

Apple Confirms Targeted iPhone Spyware Attacks as iOS 26 Becomes the Only Route to Critical Fixes

Cisco Patches ISE File-Read Flaw After Public Exploit

CISA Adds HPE OneView, Microsoft Office Flaws to Exploited Vulnerabilities List

Veeam Ships Fixes for Critical Backup & Replication RCE, Urges Update to 13.0.1.1071

Ongoing Multi-Chain Wallet Drains Top $107,000 as Investigators Track Suspect Address

CISA Flags Actively Exploited WatchGuard Firebox RCE as Patches and IoCs Roll Out

Fortinet, Ivanti and SAP Push Critical Fixes as FortiCloud SSO Bypass Comes to Light