Technology ❯ Cybersecurity ❯ Threat Actors

Exploitation Techniques

Remote Code Execution Command Injection Reconnaissance Operations Privilege Escalation Post-Compromise Activity Spyware Attacks Authentication Bypass Denial of Service Public PoC Zero-Click Exploits

CISA Flags Two-Year-Old Oracle WebLogic Flaw as Actively Exploited

The agency ordered federal networks to patch by June 4 to block attacks that can give unauthenticated actors remote access to server data.

Active Exploitation of Palo Alto GlobalProtect Flaw Forces Urgent Patching

Belgium Says Critical Windows Netlogon Flaw Is Being Actively Exploited

Attackers Use FortiClient EMS Bug to Push Infostealer to Managed Endpoints

KnowledgeDeliver Zero-Day Lets Hackers Install Godzilla Web Shells and Cobalt Strike

Attackers Poison More Than 700 Ghost CMS Sites to Push ClickFix Malware

cPanel Zero-Day Drives Ongoing Exploits as CISA Demands Fast Patching

CISA Orders Federal Fix for Microsoft Defender 'BlueHammer' Flaw Exploited in the Wild

Mirai Botnet Actively Exploits Year-Old Flaw in Retired D-Link DIR-823X Routers

New Nexcorium Mirai Variant Exploits TBK DVR Flaw to Build IoT DDoS Botnet

Marimo RCE Exploited Within Hours of Disclosure

F5 Reclassifies BIG-IP APM Bug as Critical RCE as In‑the‑Wild Attacks Unfold

Attackers Exploit Critical Langflow RCE Within 20 Hours of Disclosure

CISA Adds Three Actively Exploited Flaws to KEV, Sets Fast Federal Patching Deadlines

Cisco Patches Two CVSS 10 Flaws in Secure Firewall Management Center

FreeScout Zero-Click Flaw (CVE-2026-28289) Enables Full Server Takeover

BeyondTrust Pre-Auth RCE Is Now Being Exploited in the Wild

Active Attacks Hit SolarWinds Web Help Desk, Abusing Zoho ManageEngine and Velociraptor

BeyondTrust Patches Critical Pre-Auth RCE in Remote Access Tools

Hackers Actively Exploit 'Metro4Shell' CVE-2025-11953 in React Native Metro Servers