CSO Online

Seven IBM WebSphere Liberty flaws can be chained into full takeover

A pre‑authentication bug in SAML Web SSO, combined with weak access controls and cryptography, allows attackers to escalate privileges and achieve remote code execution.

Critical Nginx UI auth bypass flaw now actively exploited in the wild

A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full ...

Adobe Issues Emergency Patch for Critical PDF Flaw Exploited For Months

Adobe patches a critical PDF flaw exploited for months, allowing attackers to bypass sandbox protections and deliver malware.

Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw

Adobe has released an emergency security update for Acrobat Reader to fix a vulnerability, tracked as CVE-2026-34621, that ...
CoinDesk

Attacker mints $1 billion Polkadot tokens on Ethereum, ends up stealing just $250,000

A forged cross-chain message bypassed state proof validation on the bridge contract, granting admin control over the bridged ...
SecurityWeek

Adobe Patches Reader Zero-Day Exploited for Months

Adobe released emergency patches for CVE-2026-34621, a critical Acrobat and Reader zero-day that has been exploited in the wild.
The Hacker News

⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

Stay ahead of the logs with our Monday Recap. We break down active Adobe 0-days, North Korean crypto stings, and critical CVEs you need to patch today ...
CSO Online

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.
The Hacker News

ThreatsDay Bulletin: 17-Year-Old Excel RCE, Defender 0-Day, SonicWall Brute-Force and 15 More Stories

This week's biggest hacks, zero-days, supply chain attacks, crypto theft, ransomware hits, and critical patches — all in one ...