https://www.rapid7.com/blog/post/crushftp-zero-day-exploited-in-the-wild/
CVE-2025-54309: Crush FTP Vulnerability Exploited in the Wild
On July 18, 2025, CrushFTP disclosed CVE-2025-54309, a critical vulnerability affecting versions below 10.8.5 and 11.3.4_23 across all platforms.
https://www.infosecurity-magazine.com/news/critical-citrix-netscaler/
Critical Citrix NetScaler Vulnerability Exploited in the Wild - Infosecurity Magazine
Apr 3, 2026 - Researchers from watchTowr and Defused have found evidence that attackers are actively exploiting CVE-2026-3055, a critical NetScaler vulnerability
https://www.rapid7.com/blog/post/etr-critical-cisco-catalyst-vulnerability-exploited-in-the-wild-cve-2026-20127/
Critical Cisco Catalyst Vulnerability Exploited in the wild (CVE-2026-20127)
On February 25, 2026, Cisco disclosed a critical authentication bypass vulnerability in Cisco Catalyst SD‑WAN Controller and Cisco Catalyst SD‑WAN Manager,...
https://threats.wiz.io/all-incidents/windows-smartscreen-vulnerability-exploited-by-mispadu-trojan
Windows SmartScreen vulnerability exploited by Mispadu trojan
Mispadu Stealer, a banking Trojan first reported in November 2019, has been observed exploiting the Windows SmartScreen bypass vulnerability, CVE-2023-36025....
https://hackread.com/zimbra-email-platform-vulnerability-phishing-scam/
Zimbra email platform vulnerability exploited to steal European govt emails
Oct 9, 2023 - Researchers have noted that attackers are targeting a medium-severity Zimbra vulnerability that the company patched in version 9.0.0 Patch 24, one year ago.
https://www.aha.org/news/headline/2026-03-31-alerts-warn-f5-big-ip-vulnerability-being-exploited-malicious-activity
Alerts warn F5 BIG-IP vulnerability being exploited for malicious activity | AHA News
The Cybersecurity and Infrastructure Security Agency released an alert March 27 on a vulnerability in F5 BIG-IP Access Policy Manager software that is being...
https://www.threatdown.com/blog/update-now-sysaid-vulnerability-is-actively-being-exploited-by-ransomware-affiliate/
Update now! SysAid vulnerability is actively being exploited by ransomware affiliate - ThreatDown...
May 7, 2024 - A SysAid vulnerability is actively being exploited by an affiliate associated with the Cl0p ransomware group.
https://www.technobezz.com/news/apple-releases-emergency-ios-updates-to-fix-fbi-exploited-signal-vulnerability
Apple Releases Emergency iOS Updates to Fix FBI-Exploited Signal Vulnerability | Technobezz
Apr 24, 2026 - Apple's emergency iOS updates patch a Signal notification flaw exploited by the FBI, urging immediate installation to protect user data.
https://www.crowdstrike.com/en-us/blog/how-exprt-ai-predicts-next-exploited-vulnerability/
How ExPRT.AI Predicts the Next Exploited Vulnerability | CrowdStrike
Oct 17, 2025 - Built into Falcon Exposure Management, ExPRT.AI predicts which vulnerabilities attackers will exploit next — cutting noise and prioritizing real risk.
https://www.rapid7.com/blog/post/etr-critical-vulnerability-in-fortinet-fortiweb-exploited-in-the-wild/
Critical Vulnerability in Fortinet FortiWeb Exploited in the Wild
On October 6, 2025, the cyber deception company Defused published a proof-of-concept exploit on social media that was captured by one of their Fortinet...
https://gbhackers.com/tbk-dvr-vulnerability/
TBK DVR Vulnerability CVE-2024-3721 Exploited to Spread Nexcorium DDoS Malware
Apr 20, 2026 - Hackers are actively exploiting a critical vulnerability in TBK digital video recorder (DVR) devices to deploy a new Mirai-based botnet called Nexcorium.
https://www.heise.de/en/news/FortiClient-EMS-Critical-code-injection-vulnerability-is-being-exploited-11246026.html
FortiClient EMS: Critical code-injection vulnerability is being exploited | heise online
Apr 5, 2026 - Fortinet has provided hotfixes and strongly advises admins to apply them quickly. They patch an exploited code-injection vulnerability.
https://www.malwarebytes.com/blog/news/2019/08/bluetooth-vulnerability-can-be-exploited-in-key-negotiation-of-bluetooth-knob-attacks
Bluetooth vulnerability can be exploited in Key Negotiation of Bluetooth (KNOB) attacks |...
Dec 4, 2025 - Researchers called it KNOB, a clever attack against the firmware of a Bluetooth chip that allows hackers to hijack the sensitive data of paired devices.
https://www.esentire.com/security-advisories/nginx-ui-authentication-bypass-vulnerability-cve-2026-33032-exploited
Nginx-ui Authentication Bypass Vulnerability CVE-2026-33032 Exploited | eSentire
Apr 16, 2026 - THE THREAT A critical authentication bypass vulnerability impacting Nginx-ui, CVE-2026-33032 (9.8), is being actively exploited in the wild. The flaw resides...
https://gbhackers.com/cisa-issues-urgent-warning-on-langflow-code-injection-vulnerability/
CISA Issues Urgent Warning on Langflow Code Injection Vulnerability Actively Exploited in Attacks
Mar 26, 2026 - The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a critical code-injection vulnerability in Langflow.
https://thehackernews.com/2025/12/react2shell-vulnerability-actively.html
React2Shell Vulnerability Actively Exploited to Deploy Linux Backdoors
React2Shell vulnerability CVE-2025-55182 is actively exploited to deploy Linux malware, run commands, and steal cloud credentials at scale.