Indicators of Compromise

U.S. CISA adds a flaw in TrueConf Client to its Known Exploited Vulnerabilities catalog

The U.S.

Security Affairs →

FortiClient EMS zero-day exploited, emergency hotfixes available (CVE-2026-35616)

Defused Cyber has spotted a critical Fortinet FortiClient Endpoint Management Server (EMS) zero-day vulnerability (CVE-2026-35616) being exploited in the wil...

Help Net Security →

Google patches fourth Chrome zero-day so far this year

Google has patched another zero-day vulnerability in Chrome, its fourth this year. In patching the vulnerability, tracked as CVE-2026-5281, the company ackno...

CSO Online →

Progress ShareFile vulnerabilities allow unauthenticated file exfiltration

Researchers at watchTowr identified an authentication bypass (CVE-2026-2699) and a remote code execution flaw (CVE-2026-2701) within the Storage Zones Contro...

SC Media →

Cisco IMC auth bypass vulnerability allows attackers to alter user passwords (CVE-2026-20093)

Cisco has fixed ten vulnerabilities affecting its Integrated Management Controller (IMC), the most critical of which (CVE-2026-20093) could allow an unauthen...

Help Net Security →

New Progress ShareFile Flaws Expose Servers to Unauthorized Remote Takeover

Security researchers at watchTowr Labs have disclosed a critical exploit chain in the Progress ShareFile Storage Zone Controller. The vulnerabilities, tracke...

GBHackers →

CISA Includes TrueConf Security Flaw in KEV Catalog After Exploitation in the Wild

The Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security flaw affecting the TrueConf Client to its Known Exploite...

GBHackers →

14,000+ F5 BIG-IP APM Instances Exposed Online as Attackers Exploit RCE Vulnerability

Cybersecurity researchers have identified a massive attack surface involving F5 BIG-IP Access Policy Manager (APM) devices. Following a critical severity upg...

GBHackers →

Attackers Abuse React2Shell Flaw to Compromise 700+ Next.js Hosts

A massive automated cyberattack campaign is actively targeting web applications built on the popular Next.js framework to steal highly sensitive information.

GBHackers →

Die besten XDR-Tools

srcset="https://b2b-contenthub.com/wp-content/uploads/2025/02/original2cso_ArtemisDiana.

CSO Online →

New infosec products of the month: March 2026

Here’s a look at the most interesting products from the past month, featuring releases from Beazley, Bonfy.AI, Mend.

Help Net Security →

ISC Stormcast For Friday, April 3rd, 2026 https://isc.sans.edu/podcastdetail/9878, (Fri, Apr 3rd)

SANS ISC →

Actively exploited Chrome zero-day patched

Updates have been issued by Google to fix 21 vulnerabilities in its Chrome browser, including the actively exploited high-severity zero-day flaw, tracked as ...

SC Media →

Cisco fixes critical IMC auth bypass present in many products

Cisco has released patches for a critical vulnerability in its out-of-band management solution, present in many of its servers and appliances. The flaw allow...

CSO Online →

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database cre...

The Hacker News →

Cisco fixed critical and high-severity flaws

Cisco fixed critical flaws that could allow attackers to bypass authentication, run code, and gain access to sensitive data. Cisco released patches for two c...

Security Affairs →

Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise

Cisco has released updates to address a critical security flaw in the Integrated Management Controller (IMC) that, if successfully exploited, could allow an ...

The Hacker News →

Attempts to Exploit Exposed "Vite" Installs (CVE-2025-30208), (Thu, Apr 2nd)

From its GitHub repo: "Vite (French word for "quick", pronounced /vi?t/, like "veet") is a new breed of frontend build tooling that significantly improves th...

SANS ISC →

Yokogawa CENTUM VP

View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to login as the PROG user and modify permissions. The following versi...

CISA Advisories →

Hitachi Energy Ellipse

View CSAF Summary Hitachi Energy is aware of a Jasper Report vulnerability that affects the Ellipse product versions mentioned in this document below. This v...

CISA Advisories →