Hackers exploit file upload bug in Breeze Cache WordPress plugin

Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading ...
SecurityWeek

Recent Microsoft Defender Vulnerability Exploited as Zero-Day

Threat actors have been exploiting the BlueHammer Microsoft Defender vulnerability as a zero-day to gain System privileges.
Dark Reading

Exploits Turn Windows Defender Into Attacker Tool

Three proof-of-concept exploits are being used in active attacks against Microsoft's built-in security platform; two are ...

New ‘Pack2TheRoot’ flaw gives hackers root Linux access

A new vulnerability dubbed Pack2TheRoot could be exploited in the PackageKit daemon to allow local Linux users to install or ...

Microsoft Defender Flaws Exploited on Windows, Two Left Unpatched

Although the team with Microsoft moved swiftly to patch the BlueHammer vulnerability, other exploits still threaten Microsoft ...
The Hacker News

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...
CSO Online

Prompt injection turned Google’s Antigravity file search into RCE

A prompt injection flaw in Google’s Antigravity IDE turns a file search tool into a remote code execution vector, bypassing ...
The Hacker News

LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure

CVE-2026-33626 exploited within 13 hours of disclosure, enabling SSRF-based cloud credential theft and internal scanning.
SecurityWeek

Vulnerabilities Patched in CrowdStrike, Tenable Products

CrowdStrike and Tenable informed customers this week about potentially serious vulnerabilities found and patched in their ...
CSO Online

Hackers exploit Vercel’s trust in AI integration

Compromised Context.ai integration let attackers inherit Vercel employee access and reach internal systems, exposing a ...