Overview
Description
Statistics
- 20 Posts
- 7 Interactions
Fediverse
🔴 CVE-2026-1281 - Critical (9.8)
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1281/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.
#ivanti #cybersecurity #vulnerabilitymanagement #vulnerability
⚠️ CERT-FR Alert ⚠️
The critical vulnerabilities CVE-2026-1281 and CVE-2026-1340 affecting Ivanti Endpoint Manager Mobile are being actively exploited in targeted attacks.
https://www.cert.ssi.gouv.fr/alerte/CERTFR-2026-ALE-001/
#Ivanti: Two Ivanti EPMM #ZeroDay Unauthenticated #RCE Vulnerabilities CVE-2026-1281 & CVE-2026-1340 Actively Exploited, Patch Now!
👇
https://thehackernews.com/2026/01/two-ivanti-epmm-zero-day-rce-flaws.html
Ivanti warns of two EPMM flaws exploited in zero-day attacks
https://www.bleepingcomputer.com/news/security/ivanti-warns-of-two-epmm-flaws-exploited-in-zero-day-attacks/
Ivanti has disclosed two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and CVE-2026-1340, that have been exploited in zero-day attacks. Both are unauthenticated remote code execution flaws with a CVSS score of 9.8.
Ivanti confirmed a limited number of customers were impacted at the time of disclosure.
Successful exploitation could allow attackers to execute arbitrary code on vulnerable EPMM appliances and potentially access sensitive administrative, user and device data.
Mitigations are available via RPM scripts:
• RPM 12.x.0.x for EPMM 12.5.0.x, 12.6.0.x and 12.7.0.x
• RPM 12.x.1.x for EPMM 12.5.1.0 and 12.6.1.0
Ivanti states the updates require no downtime and have no functional impact. Organizations should apply the mitigations immediately.
CISA has added CVE-2026-1281 to its Known Exploited Vulnerabilities catalogue, reinforcing the urgency of remediation.
Ivanti Provides Temporary Patches for Actively Exploited EPMM Zero-Day
https://www.helpnetsecurity.com/2026/01/30/ivanti-epmm-cve-2026-1281-cve-2026-1340/
Ivanti issued provisional patches for two critical EPMM vulnerabilities (including one exploited in the wild). Security teams should apply these immediately and plan for permanent updates in upcoming releases.
Bluesky
Overview
- Ivanti
- Endpoint Manager Mobile
Description
Statistics
- 16 Posts
- 6 Interactions
Fediverse
🔴 CVE-2026-1340 - Critical (9.8)
A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1340/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Bluesky
Overview
Description
Statistics
- 5 Posts
- 1 Interaction
Fediverse
Another day and, well . . .
Bluesky
Overview
Description
Statistics
- 5 Posts
- 11 Interactions
Fediverse
Security hole in WinRAR is being heavily exploited
Because Windows used to be unable to handle compressed files, people had to make do with additional tools. One of them was and is WinRAR. It is probably still lying around as legacy software on many Windows machines. That is dangerous if it has not been updated. In July 2025 an update (to version 7.13) was released that closes a critical security vulnerability (CVE-2025-8088). This vulnerability is being exploited for attacks by all sides, from commercially motivated cybercriminals to state hackers. For an attack, it is enough to slip WinRAR a specially crafted archive (compressed file). If it is
📦 That WinRAR "Free Trial" You Never Paid For? Hackers Are Exploiting It Right Now 🚨
A WinRAR vulnerability patched last July (CVE-2025-8088) is still being actively exploited by Russian APTs, Chinese threat actors, and cybercrime gangs six months later. The path traversal flaw lets attackers slip malicious files into your system when you extract seemingly innocent archives. If you're still using WinRAR, update immediately or switch to 7-Zip.
Sources:
- https://www.bleepingcomputer.com/news/security/winrar-path-traversal-flaw-still-exploited-by-numerous-hackers/
- https://cloud.google.com/blog/topics/threat-intelligence/exploiting-critical-winrar-vulnerability
- https://nvd.nist.gov/vuln/detail/CVE-2025-8088
- https://www.helpnetsecurity.com/2026/01/28/winrar-vulnerability-exploited-cve-2025-8088/
---
🔓 Critical OpenSSL Flaw Could Let Hackers Take Over Your Computer Via Email 💀
CVE-2025-15467 is a critical 9.8 CVSS remote code execution vulnerability in OpenSSL's CMS and S/MIME message processing. OpenSSL powers encrypted communications across the entire internet, and this flaw allows unauthenticated attackers to execute arbitrary code remotely without any credentials. A working proof-of-concept already exists in the wild, meaning both defenders and attackers have access to it.
Sources:
- https://nvd.nist.gov/vuln/detail/CVE-2025-15467
- https://www.infosecurity-magazine.com/news/12-openssl-flaws/
- https://openssl-library.org/news/vulnerabilities/
- https://twitter.com/IntCyberDigest/status/2016288593547833778
---
🤦 SolarWinds Ships Critical Vulnerabilities In Their Own Software (Yes, THAT SolarWinds) 🤡
SolarWinds, the company that became the poster child for supply chain attacks after their 2020 breach, just disclosed four critical vulnerabilities in their Web Help Desk product. The flaws include unauthenticated remote code execution and authentication bypass that can be chained together to completely compromise systems without logging in. Five years after congressional hearings and intense security scrutiny, they still shipped this mess.
Sources:
- https://www.bleepingcomputer.com/news/security/solarwinds-warns-of-critical-web-help-desk-rce-auth-bypass-flaws/
- https://www.helpnetsecurity.com/2026/01/29/solarwinds-web-help-desk-rce-vulnerabilities/
- https://www.rapid7.com/blog/post/etr-multiple-critical-solarwinds-web-help-desk-vulnerabilities-cve-2025-40551-40552-40553-40554/
- https://nvd.nist.gov/vuln/detail/CVE-2025-40552
- https://nvd.nist.gov/vuln/detail/CVE-2025-40553
- https://nvd.nist.gov/vuln/detail/CVE-2025-40554
- https://nvd.nist.gov/vuln/detail/CVE-2025-40551
Bluesky
Overview
Description
Statistics
- 4 Posts
- 5 Interactions
Fediverse
Telnet is an old technology but still present in many systems.
In the video I explain what it is, why it poses a risk today, and what the CVE-2026-24061 vulnerability means, even for those who are not security experts.
A simple way to understand why some "legacy" services can become a serious problem.
Full video here:
https://youtu.be/VJ98qp6mzqo
New #synology #DSM Version: 7.3.2-86009 Update 1 is out.
This is a security patch:
Fixed Issues
- Fixed a security vulnerability regarding telnetd (CVE-2026-24061).
Root access with a single command: this flaw in GNU InetUtils threatens Telnet access https://www.it-connect.fr/faille-cve-2026-24061-inetutils-telnet/ #ActuCybersécurité #Cybersécurité #Vulnérabilité
Overview
Description
Statistics
- 4 Posts
- 3 Interactions
Fediverse
👀 Seeing who’s poking Ivanti Connect Secure?
GreyNoise just caught a ~100x spike in recon on CVE-2025-0282 featuring one loud AS213790 campaign and one sneaky botnet spread across 6K IPs.
We broke down the infra + what defenders should do next. 👇
https://www.labs.greynoise.io/grimoire/2026-01-29-inside-the-infrastructure-whos-scanning-for-ivanti-connect-secure/
☕ & #threatintel - Two campaigns (100x spike!) are hitting Ivanti Connect Secure; one loud (34K sessions from Romania/Moldova), one stealthy (~6K distributed IPs). Both target a pre-exploitation endpoint for CVE-2025-0282. https://www.labs.greynoise.io/grimoire/2026-01-29-inside-the-infrastructure-whos-scanning-for-ivanti-connect-secure/
Overview
Description
Statistics
- 4 Posts
- 1 Interaction
Fediverse
#OpenSSL Critical Vulnerabilities Allow Remote Attackers to Execute Malicious Code (CVE-2025-15467). Patches released:
👇
https://cybersecuritynews.com/openssl-vulnerabilities-code-execution/
🔴 CVE-2025-15467 - Critical (9.8)
Issue summary: Parsing CMS AuthEnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow.
Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15467/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Overview
Description
Statistics
- 3 Posts
Fediverse
Microsoft Office Zero-Day Vulnerability, CVE-2026-21509, Under Active Exploitation
https://cybersec.xmcyber.com/s/microsoft-office-zero-day-vulnerability-cve-2026-21509-under-active-exploitation-25007
Overview
- SolarWinds
- Web Help Desk
Description
Statistics
- 3 Posts
- 4 Interactions
Fediverse
⚠️ Critical SolarWinds Web Vulnerability Allows Remote Code Execution and Security Bypass
「 Multiple critical vulnerabilities in SolarWinds Web Help Desk (WHD), culminating in unauthenticated remote code execution (RCE) via Java deserialization in CVE-2025-40551, were uncovered by https://Horizon3.ai researchers.
These flaws chain static credentials, security bypasses, and deserialization weaknesses, affecting versions prior to 2026.1 」
‼️ SolarWinds Web Help Desk RCE Hit by Multiple Critical Security Flaws; CVE-2025-40551, CVE-2025-40552, CVE-2025-40553, CVE-2025-40554
CVSS: All 9.8
CVEs Published: January 28th, 2026
CVE-2025-40551: SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.
CVE-2025-40552: SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that, if exploited, would allow a malicious actor to execute actions and methods that should be protected by authentication.
CVE-2025-40553: SolarWinds Web Help Desk was found to be susceptible to an untrusted data deserialization vulnerability that could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.
CVE-2025-40554: SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that, if exploited, could allow an attacker to invoke specific actions within Web Help Desk.
Advisories:
https://nvd.nist.gov/vuln/detail/CVE-2025-40551
https://nvd.nist.gov/vuln/detail/CVE-2025-40552
https://nvd.nist.gov/vuln/detail/CVE-2025-40553
https://nvd.nist.gov/vuln/detail/CVE-2025-40554
Overview
- choijun
- LA-Studio Element Kit for Elementor
Description
Statistics
- 1 Post
- 1 Interaction
Fediverse
‼️ CVE-2026-0920: Explanation and payload of the recent vulnerability in the LA-Studio Element WordPress plugin.
PoC/Exploit: https://github.com/John-doe-code-a11/CVE-2026-0920
CVSS: 9.8
CVE Published: January 22nd, 2026
Advisory: https://github.com/advisories/GHSA-m3h4-65j5-6j8c
Technical Analysis: https://www.wordfence.com/blog/2026/01/20000-wordpress-sites-affected-by-backdoor-vulnerability-in-la-studio-element-kit-for-elementor-wordpress-plugin/