Indicators of Compromise

Google fixes Chrome zero-day with in-the-wild exploit (CVE-2026-5281)

Google has fixed 21 vulnerabilities affecting its popular Chrome browser, among them a zero-day (CVE-2026-5281) with an in-the-wild exploit. About CVE-2026-5...

Help Net Security →

Vim Modeline Vulnerability Opens Door to Arbitrary OS Command Execution

Vim is a widely used, highly configurable text editor, but a recently disclosed flaw highlights the risks associated with its file-parsing features. Tracked ...

GBHackers →

Hacker zielen auf Exilportal Iranwire

Unbekannte sollen das Exilportal Iranwire gehackt haben. PX Media – shutterstock.

CSO Online →

PoC Exploit Code Published for nginx-ui Backup Restore Security Flaw

A critical security flaw in the nginx-ui backup restore mechanism, tracked as CVE-2026-33026, allows attackers to manipulate encrypted backups and execute ar...

GBHackers →

TrueConf Vulnerability Under Active Exploitation in Southeast Asia Government Attacks

Check Point Research has discovered a critical zero-day vulnerability in the TrueConf video conferencing client. Tracked as CVE-2026-3502 with a CVSS score o...

GBHackers →

Hackers Actively Exploit Critical WebLogic RCE Vulnerabilities in Ongoing Attacks

A maximum-severity vulnerability in Oracle WebLogic Server is facing rapid exploitation in the wild. Tracked as CVE-2026-21962, this unauthenticated Remote C...

GBHackers →

Attack Surface Management – ein Kaufratgeber

Mit diesen Attack Surface Management Tools sorgen Sie im Idealfall dafür, dass sich Angreifer gar nicht erst verbeißen. Sergey Zaykov | shutterstock.

CSO Online →

ISC Stormcast For Wednesday, April 1st, 2026 https://isc.sans.edu/podcastdetail/9874, (Wed, Apr 1st)

SANS ISC →

Google now allows you to change your @gmail.com address

Google is rolling out a new feature in the U.S.

BleepingComputer →

Critical Fortinet FortiClient EMS vulnerability under attack

Intrusions harnessing a critical SQL injection flaw in Fortinet FortiClient EMS, tracked as CVE-2026-21643, were reported by Defused researchers to have been...

SC Media →

5-month-old F5 BIG-IP DoS bug becomes critical RCE exploited in the wild

A vulnerability misclassified five months ago as a denial-of-service issue in F5 BIG-IP Access Policy Manager (APM) turned out to be a critical pre-authentic...

CSO Online →

F5 BIG-IP APM systems vulnerable to critical remote code execution flaw

The vulnerability, identified as CVE-2025-53521, allows attackers to gain complete control of affected servers through malicious traffic, enabling remote cod...

SC Media →

TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks

A high-severity security flaw in the TrueConf client video conferencing software has been exploited in the wild as a zero-day as part of a campaign targeting...

The Hacker News →

Operation TrueChaos: 0-Day Exploitation Against Southeast Asian Government Targets

Key Points Introduction At the beginning of 2026, Check Point Research observed a series of targeted attacks against government entities in Southeast Asia ca...

Check Point Research →

Anritsu Remote Spectrum Monitor

View CSAF Summary Successful exploitation of this vulnerability could allow attackers with network access to alter operational settings, obtain sensitive sig...

CISA Advisories →

Critical F5 BIG-IP Flaw Upgraded to 9.8 RCE, Exploited in the Wild

F5 BIG-IP APM flaw CVE-2025-53521 escalates to critical 9.8 RCE, actively exploited.

HackRead →

U.S. CISA adds a flaw in Citrix NetScaler to its Known Exploited Vulnerabilities catalog

The U.S.

Security Affairs →

NCSC Urges Immediate Patching of F5 BIG-IP Bug

The National Cyber Security Centre wants UK firms to patch CVE-2025-53521

Infosecurity Magazine →

Fahndung nach Cyberkriminellen – 130 Firmen attackiert

130 Unternehmen und Institutionen gerieten ins Visier der Hacker. Tayler Derden | shutterstock.

CSO Online →

Detecting CVE-2026-20929: Kerberos Authentication Relay via CNAME Abuse

CrowdStrike Blog →