Security News · Afternoon Brief
Today's security landscape is marked by several critical vulnerabilities and active exploitation warnings. CISA has added multiple actively exploited flaws to its KEV catalog, including issues in Android, Linux, and a WordPress plugin. Additionally, a new "HTTP/2 Bomb" DoS attack method has been disclosed, capable of crashing major web servers.
- CISA warns of active attacks exploiting Android, Linux bugs — CISA has issued a warning regarding active exploitation of vulnerabilities in the Linux kernel and Android operating system.
- CISA Adds One Known Exploited Vulnerability to Catalog — CISA has added CVE-2026-45247, a Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerability, to its KEV catalog due to active exploitation.
- New 'HTTP/2 Bomb' DoS attack crashes web servers in under a minute — A novel denial-of-service (DoS) attack, dubbed "HTTP/2 Bomb," can be launched from a single machine to quickly take down web servers like NGINX, Apache, IIS, Envoy, and Cloudflare.
- Coding Gaffe Exposes Microsoft 365 Accounts to Widespread Takeover — A disabled security setting in Android versions of Microsoft 365 apps like Word, PowerPoint, and Excel could allow attackers to steal logins and data.
- One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens — A one-click attack via Microsoft Visual Studio Code (VS Code) allows attackers to steal a user's GitHub token, potentially granting read and write access to private repositories.
- Kirki, Burst Statistics WordPress Plugin Flaws in Attackers’ Crosshairs — Threat actors are actively exploiting vulnerabilities in the Kirki and Burst Statistics WordPress plugins to elevate privileges and take over websites.
- Acer working to patch max severity zero-days in Wave 7 routers — Acer is addressing two maximum-severity zero-day vulnerabilities impacting its Wave 7 mesh routers.
- Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes — An unpatched vulnerability in the Windows search: URI handler could be exploited to disclose a user's NTLMv2 hash to an attacker.