CISA orders feds to patch Zimbra XSS flaw exploited in attacks

CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra Collaboration Suite (ZCS).

Ransomware gang exploits Cisco flaw in zero-day attacks since January

The Interlock ransomware gang has been exploiting a maximum severity remote code execution (RCE) vulnerability in Cisco's ...
The Hacker News

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE

CVE-2026-32746 exposes telnetd via pre-auth flaw (CVSS 9.8), enabling root RCE through port 23, risking full system takeover.
SecurityWeek

‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors

The DarkSword iOS exploit chain was used by the Russian APT behind the Coruna exploit in attacks targeting Ukraine.

OpenClaw, the Fastest-Adopted Software Ever, Is Also a Security Blind Spot

OpenClaw is already running inside enterprises, often unnoticed. Learn why banning it fails and how CISOs must shift to ...
Security Boulevard

FAQ on CVE-2026-21514: OLE bypass N-Day in Microsoft Word

An N-day vulnerability in Microsoft Word exposes nearly 14 million assets. Attackers can exploit this flaw to bypass security prompts, enabling deployment of malware and establishing persistent access ...
Cybernews

CISA flags actively exploited vulnerability of file transfer software used by US Air Force and Sony

Tracked as CVE-2025-47813, the security flaw allows threat actors with low privileges to discover the full local installation path of the application on unpatched servers ...
Cybernews

Hackers are doing their homework – and your VPN is first on the list, report warns

New findings from Hewlett Packard Enterprise (HPE) show that cybergangs like Akira are diligently doing their market research ...
Channel Buzz

Firewalls, rogue devices, and your own tools: what Barracuda’s threat report means for MSPs

Every year, security vendors publish threat reports. Most say variations of the same thing. But Barracuda’s Managed XDR Global Threat Report stands out for a reason that matters to MSPs: it’s built on ...