The Hacker News

Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise

Cisco patches two 9.8 CVSS flaws (CVE-2026-20093, CVE-2026-20160), preventing authentication bypass and root access.

Google Issues Zero-Day Attack Alert For 3.5 Billion Chrome Users

Google has issued an update alert for 3.5 billion Chrome browser users following confirmation of a new zero-day attack exploit.
InfoWorld

Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both

A simple prompt sent Claude Code on a mission that uncovered major security vulnerabilities in popular text editors — and ...

Public Leak of “DarkSword” Exploit Kit Puts Millions of iPhones in the Crosshairs

A report has confirmed that a highly sophisticated, full-chain exploit kit internally known as DarkSword has been publicly ...
Dark Reading

F5 BIG-IP Vulnerability Reclassified as RCE, Under Exploitation

CVE-2025-53521 was first disclosed in October as a high-severity denial-of-service (DoS) flaw, but new information reveals ...

Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now

F5 has reclassified a BIG-IP APM denial-of-service (DoS) vulnerability as a critical-severity remote code execution (RCE) flaw, warning that attackers are exploiting it to deploy webshells on ...

Israeli entrepreneurs raise $11 million to fight vulnerabilities exploited by Iranian hackers

Onit Security, founded with the goal of addressing the main vulnerabilities exploited by Iranian hacker groups, developed an ...
CSOonline

CISOs advised to rethink vulnerability management as exploits sharply rise

Surge in vulnerabilities and exploits leaving overloaded security teams with little recourse but to embrace risk-based approaches to patching what they can. Enterprise attack surfaces continue ...