The vulnerability, CVE-2026-8153, affects Universal Robots PolyScope 5 and it can be exploited for OS command injection.
The post Critical Vulnerability Exposes Industrial Robot Fleets to Hacking appeared first on SecurityWeek.
‘Claw Chain’ OpenClaw Flaws Allow Sandbox Escape, Backdoor Delivery
Four vulnerabilities in OpenClaw can be chained together to steal credentials, escape the sandbox, and plant persistent backdoors.
The post ‘Claw Chain’ OpenClaw Flaws Allow Sandbox Escape, Backdoor Delivery appeared first on SecurityWeek.
Researcher Drops MiniPlasma Windows Exploit for Unpatched 2020 CVE
The researcher dropped the MiniPlasma exploit that uses the original proof-of-concept (PoC) code targeting the bug.
The post Researcher Drops MiniPlasma Windows Exploit for Unpatched 2020 CVE appeared first on SecurityWeek.
Exploitation of Critical NGINX Vulnerability Begins
The flaw leads to denial-of-service on default configurations and to remote code execution if ASLR is disabled.
The post Exploitation of Critical NGINX Vulnerability Begins appeared first on SecurityWeek.
Hackers Earn $1.3 Million at Pwn2Own Berlin 2026
Participants demonstrated exploits for Windows, Linux, VMware, Nvidia, and AI products.
The post Hackers Earn $1.3 Million at Pwn2Own Berlin 2026 appeared first on SecurityWeek.
PoC Code Published for Critical NGINX Vulnerability
Introduced in 2008, the critical-severity security defect was patched this week in NGINX Plus and NGINX open source.
The post PoC Code Published for Critical NGINX Vulnerability appeared first on SecurityWeek.
Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild
Microsoft has shared mitigations for CVE-2026-42897 until a permanent patch can be released for affected Exchange Server versions.
The post Microsoft Warns of Exchange Server Zero-Day Exploited in the Wild appeared first on SecurityWeek.
Chrome 148 Update Patches Critical Vulnerabilities
The refresh resolves critical-severity use-after-free and other types of bugs in various browser components.
The post Chrome 148 Update Patches Critical Vulnerabilities appeared first on SecurityWeek.
Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026
The zero-day, tracked as CVE-2026-20182, has been exploited in targeted attacks by a sophisticated threat actor identified as UAT-8616.
The post Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026 appeared first on SecurityWeek.
New Linux Kernel Vulnerability Fragnesia Allows Root Privilege Escalation
The vulnerability, tracked as CVE-2026-46300, is similar to the recently disclosed exploits named Dirty Frag and Copy Fail.
The post New Linux Kernel Vulnerability Fragnesia Allows Root Privilege Escalation appeared first on SecurityWeek.
