SecurityWeek

Hackers Exploit Langflow Vulnerability for Remote Code Execution

Hackers are exploiting CVE-2026-5027, a high-severity path traversal issue in Langflow, for remote code execution.
SecurityWeek

‘GreatXML’ Zero-Day Exploit Bypasses BitLocker

GreatXML, a new Windows BitLocker bypass exploit, targets a zero-day vulnerability in Microsoft Defender’s offline scan.
Lifehacker

Update Chrome ASAP to Protect Yourself From This Active Exploit

Jake Peterson is Lifehacker’s Tech Editor, and has been covering tech news and how-tos for nearly a decade. His team covers all things technology, including AI, smartphones, computers, game consoles, ...

Microsoft Defender 'RoguePlanet' zero-day grants SYSTEM privileges

A security researcher has released a new Microsoft Defender zero-day exploit named "RoguePlanet" just hours after Microsoft ...
GitHub

POOPS PS5 Autoloader - BD-J Kernel Exploit & ELF Autoloader

It's Poops-PS5-Java chained with 'ps5_autoloader.elf' For implemented ISO, go check BD-UN-JB-Poops-Autoloader. 'Poops.java' is Java port of the poops_ps5.lua IPv6 UAF kernel exploit originally ...
Yahoo Finance

Azul Shows That Mean Time to Exploit Java Vulnerabilities Drops to Five Days

The above button links to Coinbase. Yahoo Finance is not a broker-dealer or investment adviser and does not offer securities or cryptocurrencies for sale or facilitate trading. Coinbase pays us for ...
Yahoo Finance

Azul Shows That Mean Time to Exploit Java Vulnerabilities Drops to Five Days

SUNNYVALE, Calif., March 31, 2026--(BUSINESS WIRE)--Azul, the trusted leader in enterprise Java for today’s AI and cloud-first world, today highlighted growing security risks for enterprises relying ...
theregister

Ransomware crims abused Cisco 0-day weeks before disclosure, says Amazon security boss

Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as a zero-day vulnerability more than a month before Cisco patched the hole, ...
The Hacker News

Java | Breaking Cybersecurity News | The Hacker News

Cybersecurity researchers have disclosed details of what appears to be a new strain of Shai Hulud on the npm registry with slight modifications from the previous wave observed last month. The npm ...
The Hacker News

Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access

Cybersecurity researchers have disclosed that a critical security flaw impacting ICTBroadcast, an autodialer software from ICT Innovations, has come under active exploitation in the wild. The ...
Computerwoche Online

Oracle knew about currently exploited Java vulnerabilities for months, researcher says

Oracle knew since April about the existence of the two unpatched Java 7 vulnerabilities that are currently being exploited in malware attacks, according to Adam Gowdiak, the founder and CEO of Polish ...
Dark Reading

China's Volt Typhoon Exploits Zero-Day in Versa's SD-WAN Director Servers

China's notorious Volt Typhoon group has been actively exploiting a zero-day bug in Versa Networks' Director Servers, to intercept and harvest credentials to be used future attacks. The bug, now ...