95 article(s)
A newly exploited vulnerability in Apache ActiveMQ Classic, hiding for over a decade, is enabling attackers to run code on enterprise systems. Organizations must act fast to patch and secure their deployments.
NIST is overhauling its vulnerability database strategy, prioritizing enrichment for the most critical CVEs as submission rates soar. Many flaws will now receive less analysis, marking a shift in how the cyber community tracks and responds to threats.
A dangerous remote code execution flaw in ShowDoc is under active attack, putting thousands of IT teams at risk as cybercriminals exploit easy file upload vulnerabilities to compromise sensitive documentation servers.
CISA warns of two actively exploited security flaws in Microsoft Exchange and Windows CLFS. Organizations must act fast to patch systems and prevent privilege escalation or remote code execution attacks.
A critical Fortinet vulnerability is being weaponized by hackers, prompting CISA to issue an urgent alert. Organizations worldwide must act quickly to patch or risk major breaches.
The US cybersecurity agency CISA has added seven new vulnerabilities—including Windows and Adobe Acrobat flaws—to its Known Exploited Vulnerabilities list, urging organizations to patch immediately as exploit code spreads.
A dangerous vulnerability in ShowDoc is now being actively weaponized, with attackers exploiting unpatched servers to gain remote access. Security experts urge immediate updates as the flaw continues to expose thousands worldwide.
CISA has added six newly exploited software vulnerabilities—including a critical zero-click flaw in Fortinet—to its KEV catalog. With active attacks already underway, organizations face a tight deadline to patch or risk major breaches.
Adobe has urgently patched CVE-2026-34621, a critical Acrobat Reader vulnerability exploited in the wild. Discover how the bug enabled attackers, who uncovered it, and what users should do next.
A sweeping analysis of over one billion vulnerability remediation records reveals why human-led cybersecurity is failing against AI-driven adversaries—and what must change before it’s too late.