TweakTown

WinRAR 'high-risk' exploit discovered, make sure you update to the latest release

TL;DR: WinRAR has a critical security vulnerability (CVE-2025-6218) allowing remote code execution via directory traversal in Windows versions. This exploit risks sensitive data and system integrity.

Google Issues Emergency Chrome Update — 0Day Exploit Confirmed

Don’t delay, ensure Chrome is updated now as Google confirms an emergency security alert. CVE-2026-2441 exploited in the wild ...
TechRepublic

Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs

Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs Your email has been sent Volt Typhoon, a Chinese state-sponsored hacking group, has been caught ...
Ars Technica

Critical WordPress plugin vulnerability under active exploit threatens thousands

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...
Bleeping Computer

Cisco fixes root escalation vulnerability with public exploit code

Cisco has fixed a command injection vulnerability with public exploit code that lets attackers escalate privileges to root on vulnerable systems. Tracked as CVE-2024-20469, the security flaw was found ...

VulnCheck Exploit Intelligence Report Separates Real-World Exploitation Activity from Theoretical Vulnerability Risk

VulnCheck, the exploit intelligence company, today released the 2026 VulnCheck Exploit Intelligence Report (VEIR), a first-of ...
Hosted on MSN

Hackers Exploit Microsoft Software Vulnerability To Reportedly Target Governments And Businesses—What To Know

A vulnerability in Microsoft’s SharePoint server software was exploited by hackers to carry out “active attacks” globally on various entities, including businesses and U.S. federal agencies, prompting ...
Bleeping Computer

Cisco warns of denial of service flaw with PoC exploit code

Cisco has released security updates to patch a ClamAV denial-of-service (DoS) vulnerability, which has proof-of-concept (PoC) exploit code. Tracked as CVE-2025-20128, the vulnerability is caused by a ...
Infosecurity-magazine.com

Malicious Actors Exploit ProjectSend Critical Vulnerability

Public-facing instances of ProjectSend, an open-source file-sharing web application, have been exploited by attackers, according to vulnerability intelligence provider VulnCheck. ProjectSend was ...
Ars Technica

Critical CitrixBleed 2 vulnerability has been under active exploit for weeks

It's not like I expect these guys to have a better nature; but honestly I'm just not sure who the charade is for. The issue has been all over security nerd media and 3rd party security outfits since ...
InfoWorld

Exploit released for CA product vulnerability

Code released just two days after CA warned customers and issued patch for security holes in its License Client and Server software Malicious hackers have released code that exploits a widespread ...