CISA has added the high-severity authentication bypass vulnerability to its KEV list, along with SolarWinds and Workspace One bugs.
The post Recent Ivanti Endpoint Manager Flaw Exploited in Attacks appeared first on SecurityWeek.
Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited
WatchTowr reports seeing exploitation attempts for CVE-2026-20127 from numerous unique IP addresses.
The post Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited appeared first on SecurityWeek.
CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List
The nation-state-grade iOS exploit kit targets 23 vulnerabilities affecting iOS 13 to 17.2.1.
The post CISA Adds iOS Flaws From Coruna Exploit Kit to KEV List appeared first on SecurityWeek.
Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks
The vulnerability was disclosed and mitigated in 2021 but its in-the-wild exploitation has only now come to light.
The post Rockwell Vulnerability Allowing Remote ICS Hacking Exploited in Attacks appeared first on SecurityWeek.
Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises
Less than half of the total zero-days have been attributed to a threat actor, but spyware vendors and China are in the lead.
The post Google: Half of 2025’s 90 Exploited Zero-Days Aimed at Enterprises appeared first on SecurityWeek.
Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild
The networking giant has added the recently patched CVE-2026-20128 and CVE-2026-20122 to the list of exploited vulnerabilities.
The post Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild appeared first on SecurityWeek.
VMware Aria Operations Vulnerability Exploited in the Wild
The recently patched CVE-2026-22719 can be exploited by an unauthenticated attacker for remote code execution.
The post VMware Aria Operations Vulnerability Exploited in the Wild appeared first on SecurityWeek.
Android Update Patches Exploited Qualcomm Zero-Day
An integer overflow or wraparound in the Qualcomm graphics component, the bug leads to memory corruption.
The post Android Update Patches Exploited Qualcomm Zero-Day appeared first on SecurityWeek.
900 Sangoma FreePBX Instances Infected With Web Shells
The attacks exploited a post-authentication command injection vulnerability in the endpoint manager’s interface.
The post 900 Sangoma FreePBX Instances Infected With Web Shells appeared first on SecurityWeek.
Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers
Already added to CISA’s KEV catalog, the flaw allows attackers to bypass authentication and gain administrative privileges.
The post Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers appeared first on SecurityWeek.
