Vulnerabilities
-
Critical Marimo flaw exploited within 10 hours of disclosure
A critical Marimo Python notebook flaw was exploited less than 10 hours after disclosure, with attackers gaining shell access and stealing credentials from a vulnerable instance in under three minutes, according to a technical analysis from Sysdig.
-
Smart Slider update hijacked to push malicious WordPress and Joomla versions
Hackers hijacked the Smart Slider 3 Pro update system for WordPress and Joomla, pushing a malicious version that could create hidden admin accounts, install backdoors and steal credentials, according to the vendor and a technical analysis.
-
Adobe Reader zero-day exploited through malicious PDFs since December 2025
A technical analysis says attackers have abused a previously unknown Adobe Reader zero-day through malicious PDFs since at least December 2025. The files can run JavaScript, collect data and potentially deliver more payloads.
-
13-year-old ActiveMQ flaw lets attackers run commands remotely
Researchers found a 13-year-old remote code execution flaw in Apache ActiveMQ Classic that can let attackers run commands. The bug affects versions before 5.19.4 and some 6.x releases, and Apache has already released fixes.
-
Anthropic launches Project Glasswing to use Claude Mythos for vulnerability hunting
Anthropic launched Project Glasswing to use its Claude Mythos preview model for vulnerability hunting, saying the system found thousands of flaws and can also be powerful enough to aid exploitation.
-
Hackers exploit critical Ninja Forms WordPress flaw, Wordfence says
Hackers are exploiting a critical flaw in the Ninja Forms File Uploads WordPress add-on that can allow arbitrary file uploads and remote code execution. Wordfence said it blocked more than 3,600 attacks in 24 hours, and the vendor has released a fix.
-
Docker flaw lets attackers bypass authorization plugins in some setups
Docker disclosed a high-severity flaw in Engine that could let attackers bypass authorization plugins in some setups. The issue, tracked as CVE-2026-34040, was patched in version 29.3.1 and linked to an incomplete fix for an earlier bug.
-
APT28 linked to router hijacking campaign that affected 200 organizations
APT28 has been linked to a campaign that hijacked insecure routers to redirect DNS traffic and steal credentials. The operation affected more than 200 organizations and 5,000 consumer devices, according to Microsoft.
-
Grafana AI flaw could expose enterprise data in zero-click attack
Researchers say a critical Grafana flaw could let attackers use AI-powered dashboards to exfiltrate sensitive data without authentication. Grafana reportedly validated the issue and released a fix after disclosure by Noma Security.
-
GPUBreach attack can turn GPU Rowhammer bit flips into system takeover
Researchers at the University of Toronto say a new GPUBreach attack can use Rowhammer bit flips in GDDR6 GPU memory to corrupt page tables, gain GPU read and write access and potentially reach full system compromise.
