An improper authentication bug allows attackers to escalate their privileges and escape containers.
The post Organizations Warned of Exploited Linux Kernel Vulnerability appeared first on SecurityWeek.
Oracle WebLogic Vulnerability Exploited in the Wild
The vulnerability is CVE-2024-21182 and it can be exploited without authentication to hack affected WebLogic servers.
The post Oracle WebLogic Vulnerability Exploited in the Wild appeared first on SecurityWeek.
CISA Urges Immediate Patching of Exploited LiteSpeed cPanel Plugin Zero-Day
Resolved last week, the vulnerability was exploited in the wild as a zero-day to execute scripts with root privileges.
The post CISA Urges Immediate Patching of Exploited LiteSpeed cPanel Plugin Zero-Day appeared first on SecurityWeek.
Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities
CISA expanded the KEV catalog with eight flaws, but five of them have been flagged as exploited before.
The post Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities appeared first on SecurityWeek.
NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software
To optimize management of CVE volume, entries that do not meet specific criteria will not be automatically enriched.
The post NIST Prioritizes NVD Enrichment for CVEs in CISA KEV, Critical Software appeared first on SecurityWeek.
Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities
Experts say this is the second-largest Microsoft Patch Tuesday ever based on CVE count.
The post Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities appeared first on SecurityWeek.
Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities
The security defects allow attackers to escalate privileges and execute arbitrary code remotely.
The post Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities appeared first on SecurityWeek.
Russian APT Exploits Zimbra Vulnerability Against Ukraine
Insufficient sanitization of CSS content within HTML emails leads to inline script execution when the message is opened in a browser.
The post Russian APT Exploits Zimbra Vulnerability Against Ukraine appeared first on SecurityWeek.
CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability
The SharePoint remote code execution vulnerability CVE-2026-20963, which Microsoft patched in January, has been exploited in the wild.
The post CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability appeared first on SecurityWeek.
CISA Flags Year-Old Wing FTP Vulnerability as Exploited
Tracked as CVE-2025-47813, the flaw leads to the disclosure of the full local installation path of the application.
The post CISA Flags Year-Old Wing FTP Vulnerability as Exploited appeared first on SecurityWeek.
