Vulnerabilities
-
Hackers bypass SonicWall VPN MFA after incomplete patching
Threat actors bypassed MFA on SonicWall Gen6 SSL-VPN appliances in attacks between February and March, exploiting a flaw that stayed open on devices that were updated but not fully remediated, according to a ReliaQuest analysis.
-
Drupal warns of critical security update later today
Drupal plans a core security update later today and warned that exploits could follow within hours of release. The update covers Drupal core 8 and later, with fixes planned for supported releases and hotfixes for some older branches.
-
Linux kernel flaw gets proof of concept as distributions move on security fixes
Proof-of-concept code has been released for DirtyDecrypt, a Linux kernel flaw tied to CVE-2026-31635. The issue can allow local privilege escalation on systems with CONFIG_RXGK enabled, including some Fedora, Arch Linux, and openSUSE builds.
-
Researchers disclose critical SEPPMail gateway flaws that could allow remote code execution
Researchers disclosed seven critical flaws in the SEPPmail Secure E-Mail Gateway that could allow remote code execution and reading of arbitrary mail. SEPPmail has issued fixes across recent versions, including patches for multiple CVEs rated above 9.0.
-
Compromised Nx Console VS Code extension targeted developers in supply chain breach
A compromised Nx Console VS Code extension spread credential-stealing malware to developers after being published on the Microsoft marketplace. The incident affected more than 2.2 million installations and prompted update and credential-rotation warnings.
-
Hackers earn $1.3 million for 47 zero-days at Pwn2Own Berlin 2026
Researchers collected $1.298 million after exploiting 47 zero-day flaws at Pwn2Own Berlin 2026, which focused on enterprise technologies and artificial intelligence. DEVCORE won the contest, and vendors now have 90 days to patch the bugs.
-
Windows MiniPlasma zero-day proof of concept gives attackers SYSTEM access
A researcher has released a proof-of-concept Windows exploit called MiniPlasma that elevates a standard account to SYSTEM on fully patched systems, according to the disclosure and tests on current Windows 11 builds.
-
NGINX flaw exploited in the wild days after disclosure, VulnCheck says
VulnCheck says CVE-2026-42945 is being exploited in the wild in NGINX Plus and NGINX Open days after disclosure. The report also cites active exploitation of critical openDCIM flaws that can be chained toward remote code execution.
-
Avada Builder WordPress flaws could expose site credentials, database data
Two flaws in the Avada Builder WordPress plugin could let attackers read server files or pull data from the database. The issues affect versions up to and including 3.15.2 and 3.15.1 respectively, and site owners were urged to upgrade to 3.15.3.
-
Four OpenClaw flaws could enable data theft and persistence, researchers say
Researchers disclosed four OpenClaw flaws that could be chained for data theft, privilege escalation and persistence. The issues were fixed in version 2026.4.22, and users were advised to update.