Security News · Afternoon Brief
Critical vulnerabilities are under active exploitation across multiple platforms, including WordPress plugins, Cisco SD-WAN, and SolarWinds infrastructure. Supply chain attacks continue to proliferate through npm and GitHub, while new zero-days in FFmpeg and unpatched flaws demand immediate attention from security teams.
- Critical Everest Forms Pro Vulnerability Actively Exploited — Hackers are actively exploiting CVE-2026-3300 in the Everest Forms Pro WordPress plugin to gain complete control of websites.
- Cisco SD-WAN Manager Zero-Day Exploited; No Patch Available — CVE-2026-20245 (CVSS 7.8) in Catalyst SD-WAN Manager is being actively exploited for root privilege escalation, with no patch currently available.
- CISA Adds SolarWinds Serv-U DoS Flaw to KEV Catalog — CVE-2026-28318 (CVSS 7.5) in SolarWinds Serv-U is now confirmed as actively exploited in denial-of-service attacks.
- Miasma Self-Replicating Worm Hits 73 Microsoft GitHub Repositories — The ongoing supply chain attack impacted repositories across Azure, Azure-Samples, Microsoft, and MicrosoftDocs organizations, forcing GitHub to disable access.
- AI Agent Discovers 21 Zero-Days in FFmpeg; Chrome Patches 429 Bugs — An autonomous AI agent found 21 previously unknown vulnerabilities in the widely used FFmpeg media library, while Google shipped Chrome 149 with a record 429 security patches.
- IronWorm and Miasma Worm Variant Hit npm Supply Chain — Over 50 poisoned npm packages distributed a Rust-based information stealer and self-spreading worm, with the stealer hiding behind an eBPF kernel rootkit.
- Over 900 US Gas Station Tank Gauge Systems Exposed to Attacks — Automatic tank gauge (ATG) systems across critical infrastructure are exposed online and actively targeted, prompting CISA and federal partners to urge hardening measures.
- OpenAI Rolls Out ChatGPT Lockdown Mode to Reduce Data Exfiltration Risk — A new security feature limits tools that could enable data exfiltration from prompt injection attacks, available to Free, Plus, and Pro account holders.