Security news.
Critical vulnerabilities dominate today's security landscape, with unpatched flaws in widely-used infrastructure tools, maximum-severity patches from major vendors, and active exploitation campaigns targeting cloud and enterprise systems. A DHS information-sharing platform breach and ongoing password-spray attacks agai
Unpatched Argo CD Repo-Server Flaw Enables Kubernetes Cluster Takeover
An unauthenticated remote code execution vulnerability in Argo CD's repo-server component allows attackers to achieve full cluster takeover if they can reach the internal network port. No patch or CVE has been assigned despite disclosure to maintainers.
DHS Confirms Breach of Homeland Security Information Network (HSIN)
The Department of Homeland Security is investigating a cyberattack on HSIN, a sensitive information-sharing platform used by federal, state, local, and private-sector partners.
Progress Kemp LoadMaster Pre-Auth RCE (CVE-2026-8037) Faces Active Exploitation
A critical OS command injection vulnerability (CVSS 9.6) in Kemp LoadMaster is being actively exploited in the wild, according to eSentire's Threat Response Unit.
Adobe Patches Seven CVSS 10.0 Flaws in ColdFusion and Campaign Classic
Adobe released critical patches for maximum-severity vulnerabilities in ColdFusion and Campaign Classic that could lead to arbitrary code execution and privilege escalation.
Massive Password-Spray Campaign Targets Microsoft 365 with 81 Million Login Attempts
An aggressive two-week campaign generated over 81 million login attempts against Microsoft 365 environments, originating from systems associated with hosting provider LSHIY.
Critical Cursor AI Editor Flaws (CVE-2026-50548, CVE-2026-50549) Allow Sandbox Escape
Two vulnerabilities in Cursor, an AI code editor, enable prompt injection attacks to break out of the safety sandbox and execute arbitrary commands on a developer's machine without user interaction (CVSS 9.8/9.3).
Over 900 Oracle E-Business Suite Instances Exposed to Active Attacks
More than 900 Oracle EBS instances have been found exposed online and are being actively targeted by attackers exploiting a critical vulnerability.
SEO-Poisoned Software Sites Distribute AsyncRAT via ScreenConnect
A massive multi-domain, multi-language campaign uses spoofed software websites to distribute malicious installers masquerading as OBS Studio, DNS Jumper, and other popular tools, deploying AsyncRAT via ScreenConnect.