SecurityWeek

CISA Warns of Attacks Exploiting Recent SharePoint Vulnerability

The SharePoint remote code execution vulnerability CVE-2026-20963, which Microsoft patched in January, has been exploited in ...

Critical Microsoft SharePoint flaw now exploited in attacks

A critical Microsoft SharePoint vulnerability patched in January is now being exploited in attacks, the Cybersecurity and ...

Ransomware gang exploits Cisco flaw in zero-day attacks since January

The Interlock ransomware gang has been exploiting a maximum severity remote code execution (RCE) vulnerability in Cisco's ...

Veeam says critical security flaws may be exposing backup servers to RCE attacks

Veeam patches three critical-severity flaws and two high-severity issues.
HotHardware

Microsoft Windows Server Update Service Is Under Attack, What You Need To Know

Windows Server 2025 is currently open to a Remote Code Execution exploit via the Windows Update Service, and at the time of this writing a fix from Microsoft has yet to fully patch the issue. Reports ...
SecurityWeek

Critical Langflow Vulnerability Exploited Hours After Public Disclosure

A critical Langflow vulnerability leading to unauthenticated remote code execution has been exploited hours after public ...
International Business Times

Hackers Use Specially Crafted Microsoft Office Document, Launch Zero-Day Attack

Remote code execution vulnerability targets Microsoft Office document users The attackers use a specially crafted Office document to launch the attack Microsoft recommends that customers use an ...
CSOonline

Critical plugin flaw opens over a million WordPress sites to RCE attacks

A critical vulnerability has been reported in WPML — a multilingual WordPress plugin with more than a million installations globally — that allows remote code execution on affected WordPress sites.