Main Menu

CVE Vulnerability Alerts

SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
CVE Vulnerability Alerts
SolarWinds Vulnerability Exploitation Prompts Immediate Response from Federal Agencies
February 4, 2026
Following the identification of a critical vulnerability in SolarWinds Web Help Desk, CISA has instructed federal agencies to patch their systems within three days. This ...
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
CVE Vulnerability Alerts
Russian Hackers Exploit Vulnerability in Microsoft Office to Target Ukraine
February 4, 2026
Russian hackers exploited CVE-2026-21509 vulnerability in Microsoft Office targeting Ukrainian systems. CERT Ukraine urges immediate security updates as exploitation risk persists.
Exploitations of WinRAR Vulnerability CVE-2025-8088 Emerge as a Major Threat
CVE Vulnerability Alerts
Exploitations of WinRAR Vulnerability CVE-2025-8088 Emerge as a Major Threat
January 28, 2026
Cyber attackers leverage the CVE-2025-8088 high-severity WinRAR vulnerability. This security loophole is targeted for initial access and malware delivery, affecting numerous organizations globally.
Major Security Flaw Found in vm2 Node.js Sandbox Tool
CVE Vulnerability Alerts
Major Security Flaw Found in vm2 Node.js Sandbox Tool
January 28, 2026
A serious vulnerability in the vm2 Node.js sandbox library, identified as CVE-2026-22709, could jeopardize system security by enabling the execution of arbitrary code outside the ...
CISA Identifies Critical Broadcom VMware vCenter Vulnerability CVE-2024-37079
CVE Vulnerability Alerts
CISA Identifies Critical Broadcom VMware vCenter Vulnerability CVE-2024-37079
January 28, 2026
CISA has added a significant vulnerability, CVE-2024-37079, found in Broadcom VMware vCenter Server to its Known Exploited Vulnerabilities catalog. This move emphasizes the critical nature ...
CVE Vulnerability Alert! CVE-2025-14765 & CVE-2025-14766 – Microsoft Edge Remote Code Execution
CVE Vulnerability Alerts
CVE-2025-14765 & CVE-2025-14766 – Microsoft Edge Remote Code Execution
January 22, 2026
CVE-2025-64671 enables remote code execution in GitHub Copilot for JetBrains through cross prompt injection, allowing attackers to manipulate AI-generated instructions within developer environments.
Zoom's Critical Security Update Resolves Severe Vulnerability
CVE Vulnerability Alerts
Zoom’s Critical Security Update Resolves Severe Vulnerability
January 22, 2026
Zoom released a critical security update addressing CVE-2026-22844, a severe vulnerability that could facilitate remote code execution. With a CVSS score of 9.9, this flaw ...
Critical Vulnerability in Modular DS WordPress Plugin Exploited
Application Security
Critical Vulnerability in Modular DS WordPress Plugin Exploited
January 18, 2026
A serious security flaw in the Modular DS WordPress plugin has been identified and exploited, permitting unauthenticated privilege escalation. This vulnerability, CVE-2026-23550, has a maximum ...
Adobe's Latest Security Patches Address Critical Vulnerabilities in ColdFusion
Application Security
Adobe’s Latest Security Patches Address Critical Vulnerabilities in ColdFusion
January 14, 2026
Adobe recently released updates to resolve 25 vulnerabilities across its software products. A critical bug in ColdFusion, linked to Apache Tika, is among the flaws ...
CISA Directs Agencies to Secure Systems After Exploitation of Zero-Day Gogs Vulnerability
Application Security
CISA Directs Agencies to Secure Systems After Exploitation of Zero-Day Gogs Vulnerability
January 13, 2026
The Cybersecurity and Infrastructure Security Agency (CISA) mandates government agencies to immediately secure systems against a high-severity Gogs vulnerability, CVE-2025-8110, exploited in the wild. Organizations ...
Load More
Trending
Multi-Stage Phishing Campaign Targets Russia With Ransomware and Amnesia RAT
ShinyHunters Claims Responsibility for Recent Okta Phishing Attack
LastPass Users Targeted by Deceptive Phishing Campaign
Cybercriminals Exploit Social Media Messages for Malicious Payloads
OAuth Phishing Technique ConsentFix Poses New Threat to Microsoft Accounts
Illinois Man Charged for Snapchat Phishing Scheme
Email Security’s True Challenge: Evaluating Post-access Threats
How Misconfigured Email Routing Opens the Door for Credential Theft
Phishers Pose as Booking.com to Compromise European Hotels
Phishing Campaign Targets Users with Google Cloud Application Exploitation

Daily Briefing Newsletter

Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.