Active Exploitation Alert
269 posts | Page 2 of 12
Active Exploitation Alert
Active Exploitation Alert: Ghost CMS CVE-2026-26980 Mass Attack Hijacks 700+ Sites for ClickFix Malware Campaigns
Active Exploitation Alert
TrapDoor Supply Chain Attack Actively Exploiting npm, PyPI, and CratesIO to Steal Developer Credentials in Crypto, DeFi, Solana, and AI Sectors
Active Exploitation Alert
Active Exploitation Alert: Lazarus Group Targets Financial and Crypto Firms with RemotePE Memory-Only RAT
Active Exploitation Alert
Critical Active Exploitation Alert: CVE-2026-48172 in LiteSpeed cPanel Plugin Enables Root Privilege Escalation
Active Exploitation Alert
Active Exploitation Alert: Laravel Lang PHP Packages Compromised in Supply Chain Attack to Deploy Credential-Stealing Malware
Active Exploitation Alert
Active Exploitation Alert: Underminr Vulnerability in Major CDN Providers Enables Attackers to Hide Malicious Traffic Behind Trusted Domains
Active Exploitation Alert
Microsoft Defender Zero-Day Vulnerabilities RedSun and UnDefend Actively Exploited on Windows 10, 11, and Server (April 2026 CVE Analysis)
Active Exploitation Alert
CVE-2026-42897 Zero-Day Analysis: Microsoft Exchange Server OWA XSS Vulnerability Exploited in the Wild
Active Exploitation Alert
Funnel Builder Plugin Vulnerability Exploited in WooCommerce Checkout Skimming Campaign; Security Patch Available
Active Exploitation Alert
PoC Code Published for Critical NGINX and Ingress-NGINX Vulnerabilities (CVE-2026-42945 & CVE-2025-1974): Remote Code Execution Risk for Web Servers and Kubernetes Clusters
Active Exploitation Alert
CVE-2026-41940: Active Exploitation of cPanel/WHM Authentication Bypass to Deploy Filemanager Backdoor
Active Exploitation Alert
UAE Cyber Threat Landscape 2026: AI-Driven Attacks, Ransomware Surge, and Exploited Vulnerabilities in Ivanti, Microsoft, and Cisco Systems
Active Exploitation Alert
Critical DAEMON Tools Supply Chain Attack: Malware-Compromised Windows Installers Threaten Organizations and Home Users (Versions 12.5.0.2421–12.5.0.2434)
Active Exploitation Alert
ConsentFix v3: Automated OAuth Abuse Targets Microsoft Azure and Entra ID, Bypassing MFA and Conditional Access
Active Exploitation Alert
CVE-2026-42208: Critical Pre-Auth SQL Injection in LiteLLM Actively Exploited Within 36 Hours of Disclosure
Active Exploitation Alert
Critical Authenticated Remote Code Execution Vulnerability in JuzaWeb CMS 3.4.2 (CVE-2025-5425) – Exploit in the Wild and Mitigation Guidance
Active Exploitation Alert
BlueNoroff APT Targets Crypto and Web3 Firms with AI Deepfakes and Fake Zoom Malware on macOS
Active Exploitation Alert
Firestarter Backdoor Malware Targets Cisco ASA and FTD Firewalls, Survives Updates and Security Patches
Active Exploitation Alert
CVE-2026-33626: Critical SSRF Vulnerability in LMDeploy Rapidly Exploited in the Wild — Technical Analysis and Mitigation Guide
Active Exploitation Alert
China-Linked GopherWhisper APT Targets Mongolian Government: Abuse of Slack, Discord, and Microsoft 365 in Advanced Espionage Campaign
Active Exploitation Alert
Surge in Malware and Phishing Attacks via n8n Webhooks: Analysis of Cloud Workflow Automation Abuse (2025-2026)
Active Exploitation Alert
Over 100 Malicious Chrome Extensions in Chrome Web Store Steal Google and Telegram Data, Create Persistent Backdoors
Active Exploitation Alert
Critical nginx-ui Vulnerability CVE-2026-33032: Actively Exploited Authentication Bypass Allowing Full Nginx Server Takeover
Active Exploitation Alert