Skip to main content
Scour
Browse
Getting Started
Login
Sign Up
You are offline. Trying to reconnect...
Copied to clipboard
Unable to share or copy to clipboard
Back to article
Critical SharePoint Zero-Day (CVE-2025-53770) Under Active Exploitation
(opens in new tab)
98
articles covering this post
cisa.gov
·
47w
47 weeks ago
·
Hacker News
·
Open original
(opens in new tab)
Save
Love
Like
Dislike
|
Add interest
Feeds
Share
|
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block
Add interest
Show Feeds
Share
Report
Off Topic
Harmful Content
Low Quality
Spam
Misleading
Duplicate
Wrong Language
Block Domain
Covered in 98 articles
A website is like a car and launch day is only the handover
webiano.digital
·
5w
5 weeks ago
Actions for A website is like a car and launch day is only the handover
CISA warns of active attacks exploiting Android, Linux bugs
bleepingcomputer.com
·
2w
2 weeks ago
Actions for CISA warns of active attacks exploiting Android, Linux bugs
Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks
bleepingcomputer.com
·
2w
2 weeks ago
·
Hacker News
Actions for Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks
Microsoft warns of new Defender zero-days exploited in attacks
bleepingcomputer.com
·
4w
4 weeks ago
·
Hacker News
Actions for Microsoft warns of new Defender zero-days exploited in attacks
Why CVSS Isn't Enough: Prioritising Vulnerabilities with EPSS and CISA KEV
dev.to
·
1d
1 day ago
·
DEV
Actions for Why CVSS Isn't Enough: Prioritising Vulnerabilities with EPSS and CISA KEV
Your EOL Dates Are Deadlines. Now They Live on Your Calendar.
dev.to
·
1w
1 week ago
·
DEV
Actions for Your EOL Dates Are Deadlines. Now They Live on Your Calendar.
The Third Shadow of CitrixBleed — Large-Scale Exploitation of a NetScaler Memory Overread Reignites
dev.to
·
2w
2 weeks ago
·
DEV
Actions for The Third Shadow of CitrixBleed — Large-Scale Exploitation of a NetScaler Memory Overread Reignites
Joomla, LiteSpeed Vulnerabilities Exploited in Attacks
securityweek.com
·
2d
2 days ago
Actions for Joomla, LiteSpeed Vulnerabilities Exploited in Attacks
No Patch Planned for Exploited Arista EOS Vulnerability
securityweek.com
·
1w
1 week ago
Actions for No Patch Planned for Exploited Arista EOS Vulnerability
Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days
securityweek.com
·
4w
4 weeks ago
Actions for Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days
CISA Tells US Agencies to Fix Security Bugs in as Little as 3 Days Thanks to AI Threats
wired.com
·
1w
1 week ago
Actions for CISA Tells US Agencies to Fix Security Bugs in as Little as 3 Days Thanks to AI Threats
CVE-2026-20262: Cisco Catalyst SD-WAN Manager Path Traversal — Find Exposed Instances
hellorecon.com
·
4d
4 days ago
·
Hacker News
Actions for CVE-2026-20262: Cisco Catalyst SD-WAN Manager Path Traversal — Find Exposed Instances
CVE-2026-10520: Ivanti Sentry Unauthenticated OS Command Injection — Find Exposed Instances
hellorecon.com
·
1w
1 week ago
·
Hacker News
Actions for CVE-2026-10520: Ivanti Sentry Unauthenticated OS Command Injection — Find Exposed Instances
Vulnerabilities and exploits: where are we headed?
lesswrong.com
·
1d
1 day ago
Actions for Vulnerabilities and exploits: where are we headed?
quantumcore/kev_monitor: Monitors the CISA KEV catalog for changes and alerts you via desktop notification.
github.com
·
3w
3 weeks ago
·
Hacker News
Actions for quantumcore/kev_monitor: Monitors the CISA KEV catalog for changes and alerts you via desktop notification.
Copilot searched your mailbox. LiteLLM handed out admin keys. Run this 5-check audit before your stack is next
venturebeat.com
·
17h
17 hours ago
Actions for Copilot searched your mailbox. LiteLLM handed out admin keys. Run this 5-check audit before your stack is next
CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution
thehackernews.com
·
2d
2 days ago
Actions for CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution
Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw
thehackernews.com
·
3d
3 days ago
Actions for Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw
CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation
thehackernews.com
·
3d
3 days ago
Actions for CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation
⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More
thehackernews.com
·
3d
3 days ago
Actions for ⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More
CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation
thehackernews.com
·
1w
1 week ago
Actions for CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation
LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE
thehackernews.com
·
1w
1 week ago
Actions for LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE
CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog
thehackernews.com
·
1w
1 week ago
Actions for CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog
ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories
thehackernews.com
·
2w
2 weeks ago
Actions for ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories
CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog
thehackernews.com
·
2w
2 weeks ago
Actions for CISA Adds Exploited Magento RCE Flaw CVE-2026-45247 to KEV Catalog
Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation
thehackernews.com
·
2w
2 weeks ago
Actions for Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation
ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More
thehackernews.com
·
3w
3 weeks ago
Actions for ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More
Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
thehackernews.com
·
3w
3 weeks ago
Actions for Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV
thehackernews.com
·
4w
4 weeks ago
Actions for CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV
Microsoft Warns of Two Actively Exploited Defender Vulnerabilities
thehackernews.com
·
4w
4 weeks ago
Actions for Microsoft Warns of Two Actively Exploited Defender Vulnerabilities
CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
thehackernews.com
·
5w
5 weeks ago
Actions for CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
No Patch Coming: The Arista EOS Tunnel Bug Your Scanner Will Miss
malware.news
·
2d
2 days ago
Actions for No Patch Coming: The Arista EOS Tunnel Bug Your Scanner Will Miss
Microsoft Defender vulnerabilities are being exploited in the wild
malware.news
·
4w
4 weeks ago
Actions for Microsoft Defender vulnerabilities are being exploited in the wild
AI Slop and the Vulnerability Treadmill
redmonk.com
·
4w
4 weeks ago
·
Hacker News
Actions for AI Slop and the Vulnerability Treadmill
Patching Won't Save You
siderolabs.com
·
6w
6 weeks ago
·
Hacker News
Actions for Patching Won't Save You
The 5 Most Disastrous API Vulnerabilities
nordicapis.com
·
1d
1 day ago
Actions for The 5 Most Disastrous API Vulnerabilities
The Vulnerability Deluge Is Here. Here's How to Filter It (Sponsor)
blackkite.com
·
1w
1 week ago
Actions for The Vulnerability Deluge Is Here. Here's How to Filter It (Sponsor)
The NVD Backlog Is a Symptom. Vulnerability Management Has a Scaling Problem
nowsecure.com
·
2w
2 weeks ago
Actions for The NVD Backlog Is a Symptom. Vulnerability Management Has a Scaling Problem
AI agents help Cato slash ‘time-to-protect’ from new CVEs
computerweekly.com
·
2w
2 weeks ago
Actions for AI agents help Cato slash ‘time-to-protect’ from new CVEs
Vulnerability exploitation now primary origin of data breaches
computerweekly.com
·
4w
4 weeks ago
Actions for Vulnerability exploitation now primary origin of data breaches
Tune In: The Future of AI-Powered Vulnerability Discovery
crowdstrike.com
·
5w
5 weeks ago
Actions for Tune In: The Future of AI-Powered Vulnerability Discovery
U.S. CISA adds Splunk Enterprise flaw to its Known Exploited Vulnerabilities catalog and urges agencies to fix it by Sunday
securityaffairs.com
·
1h
1 hour ago
Actions for U.S. CISA adds Splunk Enterprise flaw to its Known Exploited Vulnerabilities catalog and urges agencies to fix it by Sunday
U.S. CISA adds Widget Factory Joomla Content Editor flaw to its Known Exploited Vulnerabilities catalog
securityaffairs.com
·
1d
1 day ago
Actions for U.S. CISA adds Widget Factory Joomla Content Editor flaw to its Known Exploited Vulnerabilities catalog
CVE-2026-20262: CISCO Catalyst SD-WAN Flaw Under Active Targeted Exploitation
securityaffairs.com
·
3d
3 days ago
Actions for CVE-2026-20262: CISCO Catalyst SD-WAN Flaw Under Active Targeted Exploitation
U.S. CISA adds Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities catalog
securityaffairs.com
·
3d
3 days ago
Actions for U.S. CISA adds Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities catalog
Palo Alto Warns of Exploitation of VPN Bypass Exploits (CVE-2026-0257) in PAN-OS Flaw
securityaffairs.com
·
4d
4 days ago
Actions for Palo Alto Warns of Exploitation of VPN Bypass Exploits (CVE-2026-0257) in PAN-OS Flaw
U.S. CISA adds Oracle PeopleSoft Enterprise PeopleTools flaw to its Known Exploited Vulnerabilities catalog
securityaffairs.com
·
6d
6 days ago
Actions for U.S. CISA adds Oracle PeopleSoft Enterprise PeopleTools flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Ivanti Sentry flaw to its Known Exploited Vulnerabilities catalog and urges patching by June 14
securityaffairs.com
·
6d
6 days ago
Actions for U.S. CISA adds Ivanti Sentry flaw to its Known Exploited Vulnerabilities catalog and urges patching by June 14
U.S. CISA adds Cisco Catalyst SD-WAN, Arista Extensible Operating System (EOS), and Google Chromium V8 flaws to its Known Exploited Vulnerabilities catalog
securityaffairs.com
·
1w
1 week ago
Actions for U.S. CISA adds Cisco Catalyst SD-WAN, Arista Extensible Operating System (EOS), and Google Chromium V8 flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog
securityaffairs.com
·
1w
1 week ago
Actions for U.S. CISA adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds SolarWinds Serv-U flaw to its Known Exploited Vulnerabilities catalog
securityaffairs.com
·
1w
1 week ago
Actions for U.S. CISA adds SolarWinds Serv-U flaw to its Known Exploited Vulnerabilities catalog
Cisco SD-WAN Has a New Root-Level Problem, and There’s No Fix Yet
securityaffairs.com
·
1w
1 week ago
Actions for Cisco SD-WAN Has a New Root-Level Problem, and There’s No Fix Yet
U.S. CISA adds Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities catalog
securityaffairs.com
·
2w
2 weeks ago
Actions for U.S. CISA adds Mirasvit Full Page Cache Warmer flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Android and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog
securityaffairs.com
·
2w
2 weeks ago
Actions for U.S. CISA adds Android and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog
Google Patches Actively Exploited Android Flaw Affecting Millions of Devices
securityaffairs.com
·
2w
2 weeks ago
Actions for Google Patches Actively Exploited Android Flaw Affecting Millions of Devices
U.S. CISA adds Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog
securityaffairs.com
·
2w
2 weeks ago
Actions for U.S. CISA adds Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog
securityaffairs.com
·
2w
2 weeks ago
Actions for U.S. CISA adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog
CVE-2026-35616: FortiClient EMS Flaw Actively Exploited in Malware Attacks
securityaffairs.com
·
3w
3 weeks ago
Actions for CVE-2026-35616: FortiClient EMS Flaw Actively Exploited in Malware Attacks
U.S. CISA adds Daemon Tools, TanStack, and Nx Console flaws to its Known Exploited Vulnerabilities catalog
securityaffairs.com
·
3w
3 weeks ago
Actions for U.S. CISA adds Daemon Tools, TanStack, and Nx Console flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds LiteSpeed cPanel Plugin flaw to its Known Exploited Vulnerabilities catalog
securityaffairs.com
·
3w
3 weeks ago
Actions for U.S. CISA adds LiteSpeed cPanel Plugin flaw to its Known Exploited Vulnerabilities catalog
Microsoft SharePoint Has a New RCE Flaw. If You Haven’t Patched Yet, Go Do That.
securityaffairs.com
·
3w
3 weeks ago
Actions for Microsoft SharePoint Has a New RCE Flaw. If You Haven’t Patched Yet, Go Do That.
U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog
securityaffairs.com
·
3w
3 weeks ago
Actions for U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Trend Micro Apex One and Langflow to its Known Exploited Vulnerabilities catalog
securityaffairs.com
·
4w
4 weeks ago
Actions for U.S. CISA adds Trend Micro Apex One and Langflow to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Microsoft and Adobe flaws to its Known Exploited Vulnerabilities catalog
securityaffairs.com
·
4w
4 weeks ago
Actions for U.S. CISA adds Microsoft and Adobe flaws to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog
securityaffairs.com
·
4w
4 weeks ago
Actions for U.S. CISA adds a flaw in Microsoft Exchange Server to its Known Exploited Vulnerabilities catalog
CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day
securityaffairs.com
·
4w
4 weeks ago
Actions for CVE-2026-42897: Microsoft confirms active exploitation of Exchange Server zero-day
U.S. CISA adds a flaw in Cisco Catalyst SD-WAN to its Known Exploited Vulnerabilities catalog
securityaffairs.com
·
5w
5 weeks ago
Actions for U.S. CISA adds a flaw in Cisco Catalyst SD-WAN to its Known Exploited Vulnerabilities catalog
CISA BOD 26-04: Frequently asked questions about the new risk-based patching directive
tenable.com
·
1w
1 week ago
Actions for CISA BOD 26-04: Frequently asked questions about the new risk-based patching directive
The June 2026 AI Executive Order: What federal agencies need to know and how Tenable can help
tenable.com
·
2w
2 weeks ago
Actions for The June 2026 AI Executive Order: What federal agencies need to know and how Tenable can help
Inside the customer environment: Where threat actors, vulnerabilities, and exposed assets intersect
tenable.com
·
3w
3 weeks ago
Actions for Inside the customer environment: Where threat actors, vulnerabilities, and exposed assets intersect
Tenable Research breaks down the Verizon DBIR 2026 and why vulnerability exploitation now leads as the #1 breach cause. Explore how to improve remediation rates, even as the volume of CISA KEV vulnerabilities surges.
tenable.com
·
4w
4 weeks ago
Actions for Tenable Research breaks down the Verizon DBIR 2026 and why vulnerability exploitation now leads as the #1 breach cause. Explore how to improve remediation rates, even as the volume of CISA KEV vulnerabilities surges.
What 22,000 breaches teach us about incident preparedness
csoonline.com
·
2d
2 days ago
Actions for What 22,000 breaches teach us about incident preparedness
CISA tells agencies to patch smarter, not harder — foreshadowing broader industry practice
csoonline.com
·
1w
1 week ago
Actions for CISA tells agencies to patch smarter, not harder — foreshadowing broader industry practice
Cisco warns of an actively exploited SD-WAN flaw with max severity
csoonline.com
·
4w
4 weeks ago
Actions for Cisco warns of an actively exploited SD-WAN flaw with max severity
Continuous Security Validation Best Practices: A Practical Guide for Security Teams
guidepointsecurity.com
·
4w
4 weeks ago
Actions for Continuous Security Validation Best Practices: A Practical Guide for Security Teams
Before it gets a number – About CVE, CWE and vulnerabilities prevention
quodeq.ai
·
4w
4 weeks ago
·
Hacker News
Actions for Before it gets a number – About CVE, CWE and vulnerabilities prevention
BOD 26-04: A new era of prioritized remediation
runzero.com
·
1w
1 week ago
Actions for BOD 26-04: A new era of prioritized remediation
CISA Has Admitted CVSS Isn't Enough — Four Questions That Replace Your CVSS Score
pathandpayload.com
·
1w
1 week ago
Actions for CISA Has Admitted CVSS Isn't Enough — Four Questions That Replace Your CVSS Score
A Security Tool as the Weapon: Breaking Down the FortiClient EMS Campaign
pathandpayload.com
·
3w
3 weeks ago
Actions for A Security Tool as the Weapon: Breaking Down the FortiClient EMS Campaign
Microsoft Defender vulnerabilities are being exploited in the wild
malwarebytes.com
·
4w
4 weeks ago
Actions for Microsoft Defender vulnerabilities are being exploited in the wild
What Successful Exposure Management Deployments Had in Common in 2026
blog.checkpoint.com
·
1d
1 day ago
Actions for What Successful Exposure Management Deployments Had in Common in 2026
The Good, the Bad and the Ugly in Cybersecurity – Week 23
sentinelone.com
·
1w
1 week ago
Actions for The Good, the Bad and the Ugly in Cybersecurity – Week 23
Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257
unit42.paloaltonetworks.com
·
2w
2 weeks ago
Actions for Threat Brief: Active Exploitation of PAN-OS CVE-2026-0257
NATS-as-C2: Inside a new technique attackers are using to harvest cloud credentials and AI API keys
webflow.sysdig.com
·
5w
5 weeks ago
Actions for NATS-as-C2: Inside a new technique attackers are using to harvest cloud credentials and AI API keys
Cloud Application Security Best Practices for DevSecOps
orca.security
·
6d
6 days ago
Actions for Cloud Application Security Best Practices for DevSecOps
Cloud Security Tools: 10 Types Explained for Teams
orca.security
·
6d
6 days ago
Actions for Cloud Security Tools: 10 Types Explained for Teams
8 Container Security Best Practices for 2026
orca.security
·
1w
1 week ago
Actions for 8 Container Security Best Practices for 2026
The 5-Step Context-Aware Cloud Vulnerability Prioritization Framework
orca.security
·
1w
1 week ago
Actions for The 5-Step Context-Aware Cloud Vulnerability Prioritization Framework
SAST vs SCA: Key Differences for AppSec Teams
orca.security
·
1w
1 week ago
Actions for SAST vs SCA: Key Differences for AppSec Teams
What Is ASPM? A Guide to Application Security Posture Management
orca.security
·
1w
1 week ago
Actions for What Is ASPM? A Guide to Application Security Posture Management
What Is Kubernetes as a Service? KaaS Explained
orca.security
·
2w
2 weeks ago
Actions for What Is Kubernetes as a Service? KaaS Explained
GenAI Risks in Cloud Environments: What Security Teams Are Actually Missing in 2026
orca.security
·
4w
4 weeks ago
Actions for GenAI Risks in Cloud Environments: What Security Teams Are Actually Missing in 2026
What Is Multi-Cloud Security?
orca.security
·
4w
4 weeks ago
Actions for What Is Multi-Cloud Security?
Cisco warns of an actively exploited SD-WAN flaw with max severity
networkworld.com
·
4w
4 weeks ago
Actions for Cisco warns of an actively exploited SD-WAN flaw with max severity
In other languages
Angreifer nehmen Oracle WebLogic-Server in die Mangel
heise.de
·
2w
2 weeks ago
Actions for Angreifer nehmen Oracle WebLogic-Server in die Mangel
「Firefox、前年比20倍のバグ修正423件」Mythosショックで迫る「パッチの波」の対処法は
kaztaira.wordpress.com
·
4w
4 weeks ago
Actions for 「Firefox、前年比20倍のバグ修正423件」Mythosショックで迫る「パッチの波」の対処法は
(g+) Linux-Rechteausweitung: Wie ein normaler Linux-Nutzer zu Root wird
golem.de
·
3d
3 days ago
Actions for (g+) Linux-Rechteausweitung: Wie ein normaler Linux-Nutzer zu Root wird
Kritisk sårbarhet i Cisco Catalyst SD-WAN Controller och SD-WAN Manager
cert.se
·
5w
5 weeks ago
Actions for Kritisk sårbarhet i Cisco Catalyst SD-WAN Controller och SD-WAN Manager
Keyboard Shortcuts
Navigation
Next / previous item
j
/
k
Open post
o
or
Enter
Preview post
v
Post Actions
Love post
a
Like post
l
Dislike post
d
Undo reaction
u
Save / unsave
s
Recommendations
Add interest / feed
Enter
Not interested
x
Go to
Home
g
h
Interests
g
i
Feeds
g
f
Likes
g
l
History
g
y
Changelog
g
c
Settings
g
s
Browse
g
b
Search
/
Pagination
Next page
n
Previous page
p
General
Show this help
?
Submit feedback
!
Close modal / unfocus
Esc
Press
?
anytime to show this help
Like
Save
Dislike
Report