Zenity Labs Discloses PleaseFix Vulnerability Family in Perplexity Comet and Other Agentic Browsers

Zenity Labs today disclosed PleaseFix, a family of critical vulnerabilities affecting agentic browsers, including Perplexity Comet, that allow attackers to silently hijack AI agents, access local ...

Critical Android Update—Google Confirms 0Day Security Bypass Attacks

The vulnerability, a Qualcomm zero-day, is an integer overflow in the Graphics subcomponent, which means, Adam Boynton, senior enterprise strategy manager at Jamf, told me, “an attacker could cause ...
SecurityWeek

Juniper Networks PTX Routers Affected by Critical Vulnerability

Juniper Networks released an out-of-band update for its Junos OS Evolved network operating system to patch a critical vulnerability.
The Hacker News

Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access

Cisco warns CVE-2026-20127 (CVSS 10.0) in SD-WAN is exploited since 2023 to gain admin access; CISA adds it to KEV and mandates urgent fixes.

Software vulnerabilities are being weaponized faster than ever

A report by VulnCheck shows threat groups are exploiting a small percentage of critical flaws well before security teams can ...
CRN

ConnectWise ScreenConnect Vulnerability Seeing Exploits: CISA

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is seeing active exploits related to the ConnectWise ScreenConnect vulnerability that was reported earlier last week. Vulnerabilities ...

Hackers exploit zero-day flaw in Dell RecoverPoint for Virtual Machines

Threat actors are weaponizing a zero-day vulnerability in Dell RecoverPoint for Virtual Machines in a cyberattack campaign ...
Ars Technica

Critical WordPress plugin vulnerability under active exploit threatens thousands

Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution of ...
CSO Online

Exploit available for new Chrome zero-day vulnerability, says Google

Threat actors now have the ability to exploit a new zero-day vulnerability in the Chrome browser, Google has advised IT ...
techtimes

Hackers Exploit Ivanti VPN Vulnerability, Revealing Latest Threats

Ivanti's enterprise VPN solution faces another instance of active exploitation due to a recent vulnerability, marking the third flaw discovered in Ivanti's Connect Secure VPN. One of the newly ...
Infosecurity-magazine.com

Malicious Actors Exploit ProjectSend Critical Vulnerability

Public-facing instances of ProjectSend, an open-source file-sharing web application, have been exploited by attackers, according to vulnerability intelligence provider VulnCheck. ProjectSend was ...
Ars Technica

As if 2 Ivanti vulnerabilities under exploit weren’t bad enough, now there are 3

Mass exploitation began over the weekend for yet another critical vulnerability in widely used VPN software sold by Ivanti, as hackers already targeting two previous vulnerabilities diversified, ...