The Hacker News

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS

CVE-2026-35616 (CVSS 9.1) exploited since March 31, 2026, affects FortiClient EMS 7.4.5–7.4.6, enabling privilege escalation.
SecurityWeek

Cisco Patches Critical and High-Severity Vulnerabilities

Cisco has patched eight critical and high-severity vulnerabilities that could lead to bypasses, code execution, and privilege ...
SecurityWeek

Exploited Zero-Day Among 21 Vulnerabilities Patched in Chrome

Google has announced a Chrome 146 update that patches 21 vulnerabilities, including a zero-day that has been exploited in the ...
Dark Reading

F5 BIG-IP Vulnerability Reclassified as RCE, Under Exploitation

CVE-2025-53521 was first disclosed in October as a high-severity denial-of-service (DoS) flaw, but new information reveals ...
Network World

Chained vulnerabilities in Cisco Catalyst switches could induce denial-of-service

Cisco’s widely deployed Catalyst 9300 Series enterprise switches have four security vulnerabilities, two of which could be ...
Infosecurity Magazine

Citrix Urges Immediate Patching for Critical NetScaler Vulnerabilities

A critical vulnerability in Citrix’s NetScaler products allows unauthenticated remote attackers to leak information from the ...
The Hacker News

New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released

Chrome patches 21 flaws including exploited CVE-2026-5281 in Dawn, marking fourth zero-day fixed in 2026, reducing active ...

The CVE Program, a bedrock of global cyber defense, is teetering on the brink

A funding scare, AI and similar international initiatives are raising existential questions about the program’s future.
Forbes

CVE Program Funding Reinstated—What It Means And What To Do Next

Forbes contributors publish independent expert analyses and insights. Kate O’Flaherty is a cybersecurity and privacy journalist. U.S. President Donald Trump has cut funding for the global database of ...

Hopper Launches SUPPLYSHIELD™: A Secure Open Source Supply Layer Delivering Zero-CVE ...

Hopper today announced the launch of SUPPLYSHIELD™, a new software supply layer that enables organizations to consume open source through a secured and continuously maintained registry, delivering ...
CSOonline

Beyond CVE: The hunt for other sources of vulnerability intel

Were the CVE program to be discontinued, security teams would have a hard time finding one resource that would function with the same impact across the board. Here are current issues of relying on CVE ...