SecurityWeek

VMware Aria Operations Vulnerability Exploited in the Wild

CVE-2026-22719, a recently patched vulnerability in VMware Aria Operations, has been exploited in the wild, CISA warned.
The Hacker News

Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1

Google uncovered Coruna iOS exploit kit with 23 exploits across five chains targeting iPhones running iOS 13–17.2.1.

Critical Android Update—Google Confirms 0Day Security Bypass Attacks

The vulnerability, a Qualcomm zero-day, is an integer overflow in the Graphics subcomponent, which means, Adam Boynton, senior enterprise strategy manager at Jamf, told me, “an attacker could cause ...
Security Boulevard

Microsoft’s February Security Update of High-Risk Vulnerability Notice for Multiple Products

Overview On February 11, 2026, NSFOCUS CERT monitored Microsoft’s release of its February security update patches, addressing 59 security issues across widely used products such as Windows, Azure, ...
The Hacker News

Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access

Cisco warns CVE-2026-20127 (CVSS 10.0) in SD-WAN is exploited since 2023 to gain admin access; CISA adds it to KEV and ...

Software vulnerabilities are being weaponized faster than ever

A report by VulnCheck shows threat groups are exploiting a small percentage of critical flaws well before security teams can ...
CRN

ConnectWise ScreenConnect Vulnerability Seeing Exploits: CISA

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is seeing active exploits related to the ConnectWise ScreenConnect vulnerability that was reported earlier last week. Vulnerabilities ...
Ars Technica

Critical WordPress plugin vulnerability under active exploit threatens thousands

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...

Agentic attacks demand agentic defenses

Anthropic’s recent disruption of the first reported AI cyber espionage campaign reveals how rapidly threat actors are weaponizing agentic AI at scale. The emergence of agentic AI, coupled with ...

Hackers exploit zero-day flaw in Dell RecoverPoint for Virtual Machines

Threat actors are weaponizing a zero-day vulnerability in Dell RecoverPoint for Virtual Machines in a cyberattack campaign that drops a novel backdoor, according to new findings from Mandiant and ...
techtimes

Hackers Exploit Ivanti VPN Vulnerability, Revealing Latest Threats

Ivanti's enterprise VPN solution faces another instance of active exploitation due to a recent vulnerability, marking the third flaw discovered in Ivanti's Connect Secure VPN. One of the newly ...
Infosecurity-magazine.com

Malicious Actors Exploit ProjectSend Critical Vulnerability

Public-facing instances of ProjectSend, an open-source file-sharing web application, have been exploited by attackers, according to vulnerability intelligence provider VulnCheck. ProjectSend was ...