Security news.
Today's security news highlights critical vulnerabilities requiring immediate attention across popular software, alongside a surge in infostealer attacks. Active exploitation and public exploits underscore the urgency for patching systems like WordPress and 7-Zip, while Microsoft warns of increased ACR Stealer activity.
Public Exploits Released for WordPress "wp2shell" RCE Flaws
Critical remote code execution vulnerabilities in WordPress Core now have public exploits, urging immediate patching for all administrators, especially for versions 6.9 and 7.0.
7-Zip Patches RCE Flaw Exploitable via Malicious Archives
7-Zip version 26.02 addresses a remote code execution vulnerability (RCE) that could allow attackers to execute arbitrary code if users open specially crafted compressed files. Users should update immediately.
Microsoft Warns of Increased ACR Stealer Attacks
Microsoft reports a surge in attacks using ACR Stealer malware to exfiltrate browser-stored passwords, authentication tokens, and sensitive documents from enterprise customers.
Inc Ransomware Exploits SonicWall SMA Zero-Days
The Inc Ransomware group is actively exploiting two zero-day vulnerabilities in SonicWall's mobile access (SMA) appliances, which when chained, allow attackers to gain root-level access.
New Windows LegacyHive Zero-Day Grants Admin Privileges
A newly disclosed Windows zero-day exploit, dubbed LegacyHive, allows attackers to escalate privileges on fully updated Windows systems.
CISA Adds Three Vulnerabilities to KEV Catalog
CISA has added CVE-2026-25089 and CVE-2026-39808 (Fortinet FortiSandbox OS Command Injection) and CVE-2026-58644 (Microsoft SharePoint Deserialization of Untrusted Data) to its Known Exploited Vulnerabilities Catalog.
OpenSSL HollowByte Flaw Leads to DoS with 11-Byte Requests
A vulnerability named HollowByte allows unauthenticated attackers to cause a denial-of-service (DoS) on OpenSSL servers by sending an 11-byte malicious payload, leading to memory bloat.
Coca-Cola Suspends Fairlife Production Due to Ransomware
Coca-Cola has suspended production at its US Fairlife facilities following a ransomware attack, with the full scope and impact still under investigation.