Ransomware gang exploits Cisco flaw in zero-day attacks since January

The Interlock ransomware gang has been exploiting a maximum severity remote code execution (RCE) vulnerability in Cisco's ...
SecurityWeek

‘DarkSword’ iOS Exploit Kit Used by State-Sponsored Hackers, Spyware Vendors

The DarkSword iOS exploit chain was used by the Russian APT behind the Coruna exploit in attacks targeting Ukraine.
The Hacker News

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE

CVE-2026-32746 exposes telnetd via pre-auth flaw (CVSS 9.8), enabling root RCE through port 23, risking full system takeover.
Dark Reading

DarkSword: iPhone Exploit Kit Serves Spies & Thieves Alike

A sophisticated iOS exploit chain leverages multiple zero-day vulnerabilities and is targeting users in Saudi Arabia, Turkey, Malaysia, and Ukraine.

CISA orders feds to patch Zimbra XSS flaw exploited in attacks

CISA has ordered U.S. government agencies to secure their servers against an actively exploited vulnerability in the Zimbra Collaboration Suite (ZCS).
Security Boulevard

FAQ on CVE-2026-21514: OLE bypass N-Day in Microsoft Word

An N-day vulnerability in Microsoft Word exposes nearly 14 million assets. Attackers can exploit this flaw to bypass security prompts, enabling deployment of malware and establishing persistent access ...
Cybernews

Hackers are doing their homework – and your VPN is first on the list, report warns

New findings from Hewlett Packard Enterprise (HPE) show that cybergangs like Akira are diligently doing their market research ...
Channel Buzz

Firewalls, rogue devices, and your own tools: what Barracuda’s threat report means for MSPs

Every year, security vendors publish threat reports. Most say variations of the same thing. But Barracuda’s Managed XDR Global Threat Report stands out for a reason that matters to MSPs: it’s built on ...