Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
ColdFusion
Attackers exploit critical Adobe ColdFusion vulnerability (CVE-2026-48282)

CVE-2026-48282, one of the maximum severity vulnerabilities patched in Adobe ColdFusion on June 30, 2026, has been targeted by attackers in the wild. Exploitation attempts …

Check Point
Researchers release details, PoC for exploited Check Point VPN flaw (CVE-2026-50751)

WatchTowr researchers have disclosed a technical analysis and a “Detection Artefact Generator” for CVE-2026-50751, an authentication bypass flaw in Check …

Ivanti
Critical Ivanti Sentry flaw allows root-level remote code execution (CVE-2026-10520)

Ivanti has patched two critical vulnerabilities (CVE-2026-10520 and CVE-2026-10523) in Ivanti Sentry and has urged customers to implement the fix right away. Though the …

cPanel
cPanel zero-day exploited for months before patch release (CVE-2026-41940)

A critical authentication bypass vulnerability (CVE-2026-41940) in cPanel, a popular web-based control panel for managing web hosting accounts, is being exploited by attackers …

Netscaler
Critical NetScaler ADC, Gateway flaw may soon be exploited (CVE-2026-3055)

Citrix has fixed two vulnerabilities in NetScaler ADC and NetScaler Gateway, with the more serious flaw (CVE-2026-3055) potentially allowing attackers to extract active …

BeyondTrust
Hackers probe, exploit newly patched BeyondTrust RCE flaw (CVE-2026-1731)

Attackers are exploiting a recently patched critical vulnerability (CVE-2026-1731) in internet-facing BeyondTrust Remote Support and Privileged Remote Access instances. …

alert
Ransomware attackers are exploiting critical SmarterMail vulnerability (CVE-2026-24423)

For the third time in two weeks, CISA added a vulnerability (CVE-2026-24423) affecting SmarterTools’ SmarterMail email and collaboration server to its Known Exploited …

SolarWinds Web Help Desk
SolarWinds fixes critical Web Help Desk RCE vulnerabilities, upgrade ASAP!

SolarWinds has fixed six critical and high-severity vulnerabilities in its popular Web Help Desk (WHD) support ticketing and asset management solution, and is urging customers …

Help Net Security
watchTowr Active Defense delivers automated protection from exposure to defense

watchTowr announced major capability enhancements, including the launch of Active Defense, a new capability that closes the gap between discovery and protection. Active …

key
Popular code formatting sites are exposing credentials and other secrets

Widely used code formatting sites JSONFormatter and CodeBeautify are exposing sensitive credentials, API keys, private keys, configuration files and other secrets, watchTowr …

Fortinet
A suspected Fortinet FortiWeb zero-day is actively exploited, researchers warn

A suspected (but currently unidentified) zero-day vulnerability in Fortinet FortiWeb is being exploited by unauthenticated attackers to create new admin accounts on …

Microsoft Windows
CISA warns of Windows SMB flaw under active exploitation (CVE-2025-33073)

CVE-2025-33073, a Windows SMB Client vulnerability that Microsoft fixed in June 2025, is being exploited by attackers. The confirmation comes from the Cybersecurity and …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released for important security events and breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools