Coverage
Vulnerabilities
754 articles on vulnerability disclosures and exploits
Advertisement
Microsoft Windows Hotpatching to be Enabled by Default in May 2026
Microsoft will enable hotpatching by default for Intune-managed Windows devices in May 2026, allowing security updates without reboots to reduce downtime.
CVE-2024-29847: Ivanti EPM RCE Under Active Exploitation - Patch Now
CISA warns of active exploitation of a critical Ivanti EPM vulnerability (CVE-2024-29847). Learn how to mitigate this unauthenticated RCE threat immediately.
Reducing Attack Surface to Prevent Zero-Day Scrambles
Learn how attack surface reduction limits internet-facing exposure and mitigates the impact of rapidly exploited zero-day vulnerabilities.
CISA Flags SolarWinds, Ivanti, and Workspace One Flaws in KEV Update
CISA adds vulnerabilities in SolarWinds, Ivanti, and Omnissa Workspace One UEM to its Known Exploited Vulnerabilities catalog following active exploitation.
Google Cloud Security: Exploits Surpass Weak Credentials
Google Cloud reports a major shift in attack vectors, with software vulnerability exploitation now outpacing weak credentials as the primary access method.
CVE-2026-1603: CISA Warns of Active Ivanti and SolarWinds Exploitation
CISA adds CVE-2026-1603, CVE-2025-26399, and CVE-2021-22054 to the KEV catalog, requiring immediate remediation for Ivanti, SolarWinds, and Omnissa systems.
Qualcomm 0-Day and iOS Exploit Chains: Impact & Mitigation Strategies
This weekly recap details active exploitation of a Qualcomm zero-day, iOS exploit chains, and emerging 'AirSnitch' attack methods. Learn what defenders should prioritize.
AirSnitch: Cross-Layer Desynchronization Enables Wi-Fi MitM Attacks
Research reveals AirSnitch, a vulnerability exploiting Wi-Fi Layers 1 and 2 to execute bidirectional MitM attacks across home and enterprise networks.
Chinese APT Group Targets Asian Critical Infrastructure via Web Exploits
A Chinese threat actor is targeting high-value infrastructure across Asia using web server exploits and Mimikatz for long-term cyber espionage campaigns.
CVE-2026-20127: Cisco Catalyst SD-WAN Exploited — Patch Guide
WatchTowr reports widespread exploitation attempts targeting a recent CVE-2026-20127 vulnerability in Cisco Catalyst SD-WAN devices, urging immediate action.
Firefox 148 Security Update: Anthropic AI Uncovers 22 Vulnerabilities
Anthropic's Claude Opus 4.6 AI model identified 22 security vulnerabilities in Firefox, including 14 high-severity flaws addressed in the version 148 release.
OpenAI Codex Security: Scanning 1.2 Million Commits for Vulnerabilities
OpenAI's Codex Security identifies over 10,000 high-severity vulnerabilities across 1.2 million commits using AI-driven detection and automated remediation.