News CISA、攻撃に悪用されるGitLabの5年前の欠陥を警告
米サイバーセキュリティ・インフラセキュリティ庁(CISA)は、攻撃で活発に悪用されている5年前のGitLabの脆弱性に対し、政府機関にシステムにパッチを当てるよう命じた。 GitLabは2021年12月にこのサーバーサイドリクエストフォージ...
Actively Exploited
News 
News WinRARの欠陥を悪用する新たなサイバー攻撃グループ「Amaranth Dragon
APT41 と呼ばれる新たな脅威アクターは、国家に支援された中国の作戦に関連しており、政府機関や法執行機関へのスパイ攻撃において、WinRAR の CVE-2025-8088 脆弱性を悪用しました。 このハッカーは、正規のツールとカスタムの...
News CISA flags critical SolarWinds RCE flaw as exploited in attacks
CISA has flagged a critical SolarWinds Web Help Desk vulnerability as actively exploited in attacks and ordered federal ...
News Hackers exploit critical React Native Metro bug to breach dev systems
Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React N...
News Russian hackers exploit recently patched Microsoft Office bug in attacks
Ukraine’s Computer Emergency Response Team (CERT) says that Russian hackers are exploiting CVE-2026-21509, a recently pa...
News Ivanti warns of two EPMM flaws exploited in zero-day attacks
Ivanti has disclosed two critical vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281 and...
News Fortinet blocks exploited FortiCloud SSO zero day until patch is ready
Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerab...
News WinRAR path traversal flaw still exploited by numerous hackers
Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity v...
News Over 6,000 SmarterMail servers exposed to automated hijacking attacks
Nonprofit security organization Shadowserver has found over 6,000 SmarterMail servers exposed online and likely vulnerab...
News Nearly 800,000 Telnet servers exposed to remote attacks
Internet security watchdog Shadowserver tracks nearly 800,000 IP addresses with Telnet fingerprints amid ongoing attacks...