Actively – NuclearCoffee

Hacker news

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

On Apr 17, 2026 2:39 pm, by NuclearCoffee

Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised systems. The activity involves the exploitation of… Continue reading

Hacker news

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

On Apr 15, 2026 2:08 pm, by NuclearCoffee

A recently disclosed critical security flaw impacting nginx-ui, an open-source, web-based Nginx management tool, has come under active exploitation in the wild. The vulnerability in question is CVE-2026-33032 (CVSS… Continue reading

Hacker news

ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers

On Apr 14, 2026 7:00 am, by NuclearCoffee

A critical security vulnerability impacting ShowDoc, a document management and collaboration service popular in China, has come under active exploitation in the wild. The vulnerability in question is CVE-2025-0520 (aka CNVD-2020-26585),… Continue reading

Hacker news

Adobe Patches Actively Exploited Acrobat Reader Flaw CVE-2026-34621

On Apr 12, 2026 10:14 am, by NuclearCoffee

Adobe has released emergency updates to fix a critical security flaw in Acrobat Reader that has come under active exploitation in the wild. The vulnerability, assigned the CVE identifier CVE-2026-34621,… Continue reading

Hacker news

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

On Apr 05, 2026 9:14 am, by NuclearCoffee

Fortinet has released out-of-band patches for a critical security flaw impacting FortiClient EMS that it said has been exploited in the wild. The vulnerability, tracked as CVE-2026-35616 (CVSS score: 9.1), has… Continue reading

Hacker news

CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths

On Mar 17, 2026 7:12 am, by NuclearCoffee

Ravie LakshmananMar 17, 2026Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Wing FTP to its Known… Continue reading

Hacker news

CISA Flags Actively Exploited n8n RCE Bug as 24,700 Instances Remain Exposed

On Mar 12, 2026 6:35 am, by NuclearCoffee

Ravie LakshmananMar 12, 2026Vulnerability / Enterprise Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting n8n to its Known Exploited… Continue reading

Hacker news

CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited

On Mar 10, 2026 7:57 am, by NuclearCoffee

Ravie LakshmananMar 10, 2026Vulnerability / Enterprise Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog,… Continue reading

Hacker news

CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog

On Mar 04, 2026 7:15 am, by NuclearCoffee

Ravie LakshmananMar 04, 2026Vulnerability / Enterprise Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw impacting Broadcom VMware Aria Operations… Continue reading

Hacker news

CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog

On Feb 21, 2026 10:54 am, by NuclearCoffee

Ravie LakshmananFeb 21, 2026Vulnerability / Patch Management The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added two security flaws impacting Roundcube webmail software to its Known… Continue reading

Tag: Actively

Stay Connected