The Hacker News

Cisco Fixes Actively Exploited Zero-Day CVE-2026-20045 in Unified CM and Webex

Cisco fixes actively exploited CVE-2026-20045 zero-day enabling unauthenticated RCE in Unified CM and Webex; CISA sets Feb 11, 2026 deadline.
Security Boulevard

AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities

In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on ...
SecurityWeek

Fresh SmarterMail Flaw Exploited for Admin Access

Threat actors started exploiting a SmarterMail authentication bypass flaw for remote code execution only days after patches ...
SecurityWeek

Organizations Warned of Exploited Zimbra Collaboration Vulnerability

CISA has expanded the KEV list with exploited vulnerabilities in Zimbra, eslint-config-prettier, Versa Concerto, and Vite framework.

Fortinet FortiGate devices hit in automated attacks which create rogue accounts and steal firewall data

A recent Fortinet patch may not work as well as expected ...
The Hacker News

Automated FortiGate Attacks Exploit FortiCloud SSO to Alter Firewall Configurations

Arctic Wolf reports automated attacks on FortiGate devices abusing FortiCloud SSO flaws to change firewall settings and steal ...
The Register on MSN

RondoDox botnet linked to large-scale exploit of critical HPE OneView bug

Check Point observes 40K+ attack attempts in 4 hours, with government organizations under fire A critical HPE OneView flaw is ...

Cisco fixes Unified Communications RCE zero day exploited in attacks

Cisco has fixed a critical Unified Communications and Webex Calling remote code execution vulnerability, tracked as ...

Hackers breach Fortinet FortiGate devices, steal firewall configs

Fortinet FortiGate devices are being targeted in automated attacks that create rogue accounts and steal firewall ...
Security Boulevard

CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Command Injection Vulnerability

Exploit code has been published for CVE-2025-64155, a critical command injection vulnerability affecting Fortinet FortiSIEM ...
Dark Reading

Microsoft Starts 2026 With a Bang: A Freshly Exploited Zero-Day

Among them is a zero-day vulnerability in Desktop Window Manager (DWM) designated as CVE-2026-20805 (CVSS score: 5.5), which ...

Critical Cisco UC bug actively exploited

The RCE flaw lets remote attackers gain root on affected systems with no user interaction. Cisco has released multiple ...