Technology ❯ Cybersecurity ❯ Vulnerabilities

Exploits

Spyware CVE-2025-53770 Zero-Day Exploits User Safety CVE-2025-6558 Malware Patches Zero-Day Attacks CVE-2026-20700 Remote Access CVE-2025-24085 CVE-2026-1731 Privilege Escalation CVE-2025-31201 Core Audio Vulnerability Security Fixes CoreAudio CVE-2025-10035 CVE-2025-6543 Information Disclosure WinRAR Microsoft Remote Attacks SIM Swapping Personal Information Spotlight Vulnerability CitrixBleed2 CVE-2025-5777 Microsoft SharePoint Sploitlight CVE Identifiers ImageIO Vulnerability SAP NetWeaver Memory Corruption CVE-2025-8875 and CVE-2025-8876 Unpatched Servers Apple Security Update Microsoft Flaw Apple Pixie Dust Samsung Samsung Galaxy CVE-2025-21043 Smart Contract Flaws CVE-2025-32463 CVE-2025-59489 CVE-2025-11412 Side Channel Attacks User Impact Rounding Errors Malicious Software Gogs CVE-2023-20198 CVE-2026-21509 Man-in-the-Middle Attacks Fortinet FortiWeb Zero-Day CVE-2025-21042 CVE-2025-12480 CVE-2026-20805 Heap Corruption WebKit Flaws Security Patches React Server Components CVE-2024-37085 CVE-2026-21514 GhostPairing CVE-2026-21513 CVE-2025-37164 CVE-2026-21510 CVE-2025-8088 CVE-2024-37079 Digital Certificates Mobile Devices Qualcomm Chips CVE-2024-43047 USB Restricted Mode Physical Access CVE-2025-24200 Security Flaws WebKit Audio Decoding CVEs Patching CVE-2025-31200

Cisco SD-WAN Zero-Day Exploited Since 2023 Triggers Emergency Directives, Urgent Patching

Federal orders require immediate inventories, forensic hunts following findings of a rogue‑peering attack chain used for long‑running intrusions.

CISA Flags BeyondTrust RCE as Used in Ransomware Attacks

BeyondTrust Pre-Auth RCE Is Now Being Exploited in the Wild

APT28 Exploits Newly Patched Microsoft Office Flaw in Targeted Campaigns

Google Warns of Widespread, Ongoing Exploitation of WinRAR Vulnerability

CISA Warns VMware vCenter Flaw Is Under Attack, Sets Federal Patch Deadline

CISA Puts Actively Exploited Gogs RCE on KEV, Orders Federal Fix by Feb. 2

Android’s January Patch Fixes Critical Dolby DD+ Flaw as Samsung Plans Play System Update Return

Notarized MacSync Stealer Variant Bypasses Gatekeeper as Apple Revokes Signing Certificate

Apple Limits Critical iPhone Fixes to iOS 26.2, Pressuring Users to Upgrade

Google Links More State Groups to React2Shell as Wallet-Draining Attacks Spread

Fortinet Confirms Critical FortiWeb Zero-Day Is Being Exploited as CISA Sets Nov. 21 Patch Deadline

Mandiant Says Hackers Exploit Triofox Flaw to Create Admin Accounts and Execute Code

CISA Orders Patch of Exploited Samsung Zero‑Day Used to Deliver LANDFALL Spyware

Balancer Blames $116.6 Million DeFi Heist on Rounding Bug in Swap Math

ASD Flags Ongoing BadCandy Re-Infections on Cisco IOS XE as 150+ Devices Remain Compromised

ToolShell SharePoint Exploits Spread Across Four Continents, Symantec Finds

Researchers Unveil 'Pixnapping' Android Attack That Steals On‑Screen Data in Seconds

Windows 10 Support Ends Tuesday as Microsoft Urges ESU Enrollment

Steam Blocks Risky Launches as Microsoft Urges Uninstalls After Unity Patches High-Severity Engine Flaw