Coverage
Vulnerabilities
754 articles on vulnerability disclosures and exploits
Advertisement
Google Reports 90 Zero-Day Exploits in 2025: Enterprise Focus
Google Threat Intelligence Group tracked 90 zero-day vulnerabilities actively exploited throughout 2025, with nearly half targeting enterprise software and appliances.
Microsoft Outlook CVE-2025-21418: Mitigating NTLM Relay Attacks
Analysis of CVE-2025-21418 in Microsoft Outlook. Learn how attackers bypass security features to leak NTLM hashes and the steps needed for mitigation.
Reclaim Security Secures $20M to Automate Vulnerability Remediation
Reclaim Security raises $20 million to solve the remediation gap, focusing on automating fixes and reducing mean time to remediate for enterprise SOC teams.
Cisco Catalyst SD-WAN Manager Exploitation: Patch CVE-2024-20437 Now
Cisco confirms active exploitation of two high-severity flaws in Catalyst SD-WAN Manager, involving hardcoded credentials and authentication bypass.
Cisco Catalyst SD-WAN Manager CVE-2023-20252 — Mitigation Guide
Cisco warns of active exploitation targeting Catalyst SD-WAN Manager vulnerabilities CVE-2023-20252 and CVE-2023-20253. Immediate patching is required.
VMware Aria Operations Command Injection Exploitation: Cloud Risk
A critical command injection vulnerability in VMware Aria Operations is actively exploited, granting attackers broad access to cloud environments. Immediate patching is
Mail2Shell Zero-Click RCE Threatens FreeScout Servers
A critical Mail2Shell zero-click vulnerability in FreeScout helpdesk allows unauthenticated remote code execution, granting full server control. Immediate patching is
Coruna iOS Exploit Kit: Spyware-Grade Threat Targets Crypto
The sophisticated Coruna iOS exploit kit, leveraging 23 undocumented vulnerabilities, is now deployed in targeted espionage and crypto theft attacks.
Cisco Secure FMC Root Access & DoS Flaws Patched: Update Now
Cisco addresses two maximum-severity vulnerabilities in Secure Firewall Management Center (FMC) allowing unauthenticated root access and denial of service. Immediate
Coruna iOS Exploit Kit Targets iOS 13-17.2.1 with 23 Exploits
Google's GTIG identified Coruna (CryptoWaters), a powerful iOS exploit kit leveraging 23 exploits across 5 chains to target iOS 13.0-17.2.1. Update immediately.
CVE-2025-22719: VMware Aria Operations RCE Exploited in the Wild
CVE-2025-22719 is a critical remote code execution vulnerability in VMware Aria Operations for Networks currently being exploited by unauthenticated attackers.
VMware Aria Operations CVE-2026-22719 Exploited - Mitigation Guide
CISA adds CVE-2026-22719, a VMware Aria Operations command injection flaw, to the KEV catalog following active exploitation. Secure your systems now.