Security news.
Today's security landscape is marked by critical vulnerabilities, active exploitation, and significant supply chain attacks. Microsoft Exchange and Cisco SD-WAN zero-days are under active attack, while several WordPress plugins and popular npm packages have been compromised, leading to credential theft and potential site takeovers.
PoC Code Released for Critical NGINX Vulnerability
A critical security defect, present since 2008, in NGINX Plus and NGINX open source has received a public Proof-of-Concept, urging immediate patching.
Funnel Builder WordPress Plugin Exploited to Steal Credit Cards
A critical vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject malicious JavaScript, targeting WooCommerce checkout pages for credit card theft.
Microsoft Exchange, Windows 11 Hacked at Pwn2Own
Competitors at Pwn2Own Berlin 2026 exploited 15 unique zero-day vulnerabilities in products including Windows 11, Microsoft Exchange, and Red Hat Enterprise Linux, earning over $385,000.
Popular node-ipc npm Package Compromised in Supply Chain Attack
Hackers have injected credential-stealing malware into new versions of the popular node-ipc inter-process communication package, marking a new npm supply chain attack.
CISA Adds Microsoft Exchange Zero-Day (CVE-2026-42897) to KEV Catalog
CISA has added a Microsoft Exchange Server Cross-Site Scripting Vulnerability (CVE-2026-42897) to its Known Exploited Vulnerabilities Catalog, urging federal agencies to remediate due to active exploitation.
Cisco Patches Sixth SD-WAN Zero-Day Exploited in 2026
Cisco has patched CVE-2026-20182, a critical SD-WAN zero-day actively exploited in targeted attacks by a sophisticated threat actor identified as UAT-8616.
Turla Transforms Kazuar Backdoor into Modular P2P Botnet
The Russian state-sponsored group Turla has evolved its Kazuar backdoor into a modular peer-to-peer botnet designed for stealthy and persistent access to compromised systems.
OpenAI Hit by TanStack Supply Chain Attack
Two OpenAI employee devices were compromised in a supply chain attack on TanStack, leading to the theft of credential material from OpenAI code repositories.