Tag: exploit

Attackers can exploit the bugs through prompt injection, chaining them together to escape the sandbox and execute arbitrary code. The post CrewAI Vulnerabilities Expose Devices to Hacking appeared first on SecurityWeek.

Chrome zero-days continue to pose a major risk for cyber defenders. Earlier this year, Google patched CVE-2026-2441, the first actively exploited Chrome zero-day of 2026. Now, another emergency update has been released, fixing two more flaws already exploited in the wild, CVE-2026-3910 in Chrome’s V8 JavaScript and WebAssembly engine and CVE-2026-3909, an out-of-bounds write bug […]

Steady cadence of Android zero-days marked as exploited in the wild makes its path to 2026. Following CVE-2025-48633 and CVE-2025-48572, two Android Framework bugs Google flagged for active exploitation, defenders keep seeing the same familiar pattern. Mobile-chain vulnerabilities can move fast from limited attacks to real enterprise risk when patching lags.  In March 2026, that […]

Remotely exploitable, the integer underflow vulnerability impacts StrongSwan releases spanning 15 years. The post StrongSwan Flaw Allows Unauthenticated Attackers to Crash VPNs appeared first on SecurityWeek.

Summary The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this advisory in response to ransomware actors leveraging unpatched instances of a vulnerability in SimpleHelp Remote Monitoring and Management (RMM) to compromise customers of a utility billing software provider. This incident reflects a broader pattern of ransomware actors targeting organizations through unpatched versions of SimpleHelp […]

Fortinet has released an emergency weekend security update for a new critical FortiClient Enterprise Management Server (EMS) vulnerability that is actively exploited in attacks. […]

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell (CVE-2025-55182) in vulnerable Next.js apps. […]

Comments

Attempts to Exploit Exposed „Vite“ Installs (CVE-2025-30208) https://isc.sans.edu/diary/Attempts%20to%20Exploit%20Exposed%20%22Vite%22%20Installs%20%28CVE-2025-30208%29/32860 OpenSSH 10.3 Release https://seclists.org/oss-sec/2026/q2/7 Claude Code Vulnerability https://adversa.ai/claude-code-security-bypass-deny-rules-disabled/

From its GitHub repo: „Vite (French word for „quick“, pronounced /vi?t/, like „veet“) is a new breed of frontend build tooling that significantly improves the frontend development experience“ [https://github.com/vitejs/vite].