Technology ❯ Cybersecurity

Vulnerabilities

Remote Code Execution Zero-Day Exploits Software Vulnerabilities Exploits Zero-Day Vulnerabilities CVE Malware Exploitation Known Exploited Vulnerabilities Authentication Bypass

PolyShell Flaw Puts Magento Stores at Risk as Fix Remains Pre-Release

With no production patch, Sansec urges urgent mitigations.

Researchers Detail ‘DarkSword’ iPhone Exploit as Apple Issues Fixes and Warnings

Attackers Exploit Critical Langflow RCE Within 20 Hours of Disclosure

Ubiquiti Patches CVSS 10 UniFi Bug That Could Enable Account Takeover

CISA Flags Cisco Firewall Zero-Day Exploited by Interlock, Sets March 22 Patch Deadline

Audits Expose Widespread Flaws in Vibe‑Coded Apps as Safety Tooling Ramps Up

Apple Rolls Out First Background Security Improvements to Fix WebKit Same-Origin Bug

CISA Flags SharePoint, Zimbra Flaws as Actively Exploited, Sets Rapid Federal Patching Deadlines

Ubuntu Patches High-Severity Snapd Flaw Enabling Local Root on Desktop 24.04+

Researchers Show DNS Loophole Lets AWS Bedrock Code Interpreter Leak Data in Sandbox Mode

Companies House Restores WebFiling After Months-Long Flaw Exposed Directors’ Details

CISA Adds Actively Exploited Wing FTP Flaw to KEV With March 30 Fix Deadline

Google Rushes Chrome 146 Update to Patch Two Zero‑Days Exploited in the Wild

Qualys Discloses 'CrackArmor' Flaws in Linux AppArmor Exposing Root and Container Escapes

Ledger Uncovers MediaTek TEE Flaw Letting Attackers Extract PINs and Wallet Seeds in Under a Minute

Apple Backports Coruna Exploit Fixes in iOS 16.7.15 and 15.8.7 for Older iPhones and iPads

CISA Puts Actively Exploited n8n RCE on KEV, Orders Federal Patching by March 25

Ally WordPress Plugin SQL Injection Leaves Hundreds of Thousands of Sites at Risk

Microsoft’s March Patch Tuesday Fixes 80+ Flaws, Two Public Zero‑Days, No Active Exploits Reported

Exploit-Driven Hacks Overtake Credential Abuse in Cloud Breaches, Google Warns