Patch Management
- Researchers find flaw that could let websites inject prompts into Anthropic’s Claude Chrome extension
  Researchers disclosed a flaw called ShadowPrompt in Anthropic’s Claude Chrome extension that combined an overly permissive origin allowlist and a DOM-based XSS in an Arkose Labs CAPTCHA, allowing websites to inject prompts; Anthropic and Arkose issued fixes in December 2025 and February 2026.
- Over 6,000 SmarterMail servers exposed and likely vulnerable to critical auth bypass
  Shadowserver found more than 6,000 SmarterMail servers exposed and likely vulnerable to CVE-2026-23760, a critical authentication bypass that can reset admin passwords and allow remote code execution. A vendor fix was released in build 9511.
- Critical vulnerability in n8n workflow platform could allow code execution (CVE-2025-68613)
  A critical vulnerability in the n8n workflow automation platform (CVE-2025-68613) with a CVSS score of 9.9 could allow authenticated users to trigger arbitrary code execution; patches are available and Censys reports over 103,000 potentially vulnerable instances.
- HPE fixes critical OneView flaw rated CVSS 10.0 that allows remote code execution
  Hewlett Packard Enterprise has fixed a CVSS 10.0 vulnerability in OneView (CVE-2025-37164) that could allow unauthenticated remote code execution; patches, version 11.00 and hotfixes for earlier releases, are available and should be applied promptly.
- SonicWall issues patch for actively exploited SMA 100 series privilege escalation bug
  SonicWall released fixes for CVE-2025-40602, a local privilege escalation in SMA 100 series appliances that has been actively exploited; the flaw was reportedly used with CVE-2025-23006 to achieve unauthenticated root code execution, and users are urged to apply patches promptly.
- CISA adds WinRAR flaw CVE-2025-6218 to known-exploited list after reported active use
  CISA added a WinRAR path traversal vulnerability, CVE-2025-6218 (CVSS 7.8), to its Known Exploited Vulnerabilities catalog after reports of active exploitation by multiple threat groups; RARLAB patched the bug in WinRAR 7.12 for Windows in June 2025 and agencies are required to remediate by Dec. 30, 2025.
- JPCERT/CC confirms active exploitation of command injection in Array AG gateways
  JPCERT/CC says a command injection vulnerability in Array Networks AG Series gateways has been exploited since August 2025 to drop web shells; Array fixed the flaw in May and users are urged to apply ArrayOS 9.4.5.9 or disable DesktopDirect and block semicolon-containing URLs if they cannot patch immediately.
- Critical privilege-escalation flaw in King Addons plugin under active exploitation
  A high-severity privilege-escalation vulnerability (CVE-2025-8489, CVSS 9.8) in the King Addons for Elementor WordPress plugin is being actively exploited; administrators should update to version 51.1.35, audit for suspicious admin users, and monitor for unusual activity.
- Google issues December Android security updates, patches 107 flaws including two exploited in the wild
  Google released December 2025 Android security patches that fix 107 vulnerabilities across multiple components, including two Framework flaws reported as exploited in the wild; users and manufacturers are urged to apply the 2025-12-01 or 2025-12-05 updates.