Coverage
Vulnerabilities
754 articles on vulnerability disclosures and exploits
Advertisement
Daily Threat Brief: Persistent Vulnerabilities & Defense Fundamentals
Analyzing the ongoing cybersecurity challenges highlighted in the SANS ISC Stormcast. Focus on persistent vulnerabilities, phishing, and essential defense strategies for
Microsoft March Update: 83 CVEs Patched, Prioritization Key
Microsoft's March Patch Tuesday addresses 83 CVEs across its product line. Learn why applying these security updates is crucial for defending against potential
March 2026 Patch Tuesday: Microsoft Fixes 77 Vulnerabilities
Microsoft's March 2026 Patch Tuesday addresses 77 vulnerabilities across Windows and other software. Learn about the risks and how to prioritize patching.
Microsoft Patch Tuesday March 2026: 8 Critical Vulnerabilities Addressed
Microsoft's March 2026 Patch Tuesday addresses 93 vulnerabilities, including 8 critical issues across various products and 9 in Microsoft Edge (Chromium).
CVE-2025-57176: Unauthenticated File Upload in Ceragon Siklu Devices
An unauthenticated file upload vulnerability (CVE-2025-57176) in Ceragon Siklu MultiHaul and EtherHaul series devices poses risks to critical communications
CVE-2026-3611: Critical Auth Bypass in Honeywell IQ4x BMS Controllers
CISA warns of a critical authentication bypass (CVE-2026-3611) in Honeywell IQ4x BMS Controllers, allowing unauthenticated attackers administrative access and potential
Adobe Security Update: 80 Vulnerabilities Across 8 Products Patched
Adobe's comprehensive security update addresses 80 vulnerabilities across 8 products, including Commerce, Acrobat Reader, and Premiere Pro. Immediate patching is vital.
Microsoft Patch Tuesday: 83 Vulnerabilities, Critical Flaw Addressed
Microsoft's latest Patch Tuesday addresses 83 vulnerabilities across its product line, including one critical flaw. Security teams must prioritize immediate patching.
Windows 10 KB5078885 ESU Fixes Two Zero-Days — Patch Guidance
Microsoft releases Windows 10 KB5078885 Extended Security Update to address two zero-day vulnerabilities and a critical system shutdown bug for ESU subscribers.
FortiGate NGFW Exploitation Leads to Service Account Credential Theft
Threat actors are exploiting FortiGate devices to extract configuration files and steal service account credentials, facilitating lateral movement in networks.
KadNap Botnet: ASUS Routers Hijacked for Faceless Proxy Network
The KadNap botnet hijacks ASUS routers via CVE-2024-3080 to fuel the Faceless proxy service, enabling cybercriminals to mask traffic through residential IPs.
Ivanti EPM CVE-2024-29824 Exploited: Technical Analysis and Patching
CISA warns of active exploitation of CVE-2024-29824 in Ivanti Endpoint Manager. Secure your Core server with our technical analysis and mitigation guide.