Security News · Afternoon Brief
Today's security news highlights critical vulnerabilities and ongoing exploitation campaigns. Several major platforms, including Check Point VPN, Gogs, and UniFi OS, have patched severe flaws, some of which are actively exploited. Additionally, Meta is taking action against NSO Group for new WhatsApp phishing attempts, while also dealing with a breach of Instagram accounts via its AI support.
- Critical Check Point VPN Flaw Exploited to Bypass Passwords — A critical vulnerability (CVE-2026-50751) in Check Point Remote Access VPN and Mobile Access deployments using IKEv1 is being actively exploited, allowing unauthenticated attackers to bypass password authentication.
- Gogs Patches Critical Zero-Day Enabling Remote Code Execution — The self-hosted Git service Gogs has patched a critical zero-day vulnerability that could allow attackers to compromise internet-facing instances and access private repositories.
- Critical UniFi OS Bug Lets Hackers Gain Root Without Authentication — Attackers can chain three previously fixed vulnerabilities in Ubiquiti UniFi OS to achieve unauthenticated remote code execution with root privileges.
- WhatsApp Disrupts New NSO Spyware Phishing Attacks, Meta Files Contempt Order — WhatsApp has detected and blocked new spear-phishing campaigns allegedly conducted by NSO Group, and Meta is filing a federal court contempt order against the spyware vendor for violating a permanent injunction.
- Thousands of Instagram Accounts Breached via Meta's AI Support Assistant — Over 20,000 Instagram accounts were compromised after hackers exploited Meta's AI-powered support system to reset passwords.
- SolarWinds Serv-U Vulnerability Exploited in the Wild — A vulnerability in SolarWinds Serv-U, tracked as CVE-2026-28318, is being actively exploited by unauthenticated attackers via specially crafted POST requests that crash the service.
- Everest Forms Vulnerability Exploited to Hack WordPress Sites — A critical flaw in the Everest Forms WordPress plugin, allowing remote code execution, has been actively exploited in the wild for two months.
- Silent Ransom Group Targets Law Firms with Fake IT Support Calls — The Silent Ransom Group is actively targeting U.S. law firms and professional services organizations through social engineering attacks, often leading to data theft.