SecurityWeek

Fresh SolarWinds Vulnerability Exploited in Attacks

CISA warns that a fresh critical-severity SolarWinds vulnerability leading to unauthenticated RCE has been exploited in attacks.
Krebs on Security

Patch Tuesday, February 2026 Edition

The zero-day flaw CVE-2026-21513 is a security bypass bug targeting MSHTML, the proprietary engine of the default Web browser in Windows. CVE-2026-21514 is a related security feature bypass in ...

February’s Patch Tuesday release fixes 59 flaws, including 6 being exploited

IT admins will be busy this month patching Microsoft software and apps, but not nearly as busy as they were in January.

GitLab patches major security flaw - here's what we know

A new patch fixes six important GitLab flaws ...
WinBuzzer

OpenClaw Security Fallout: 341 Malicious Skills and Enabling One-Click Remote Code Execution

OpenClaw has exposed users to critical security vulnerabilities, including CVE-2026-25253 enabling one-click remote code ...
The Hacker News

Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows

Critical n8n v CVE-2026-25049 allows authenticated workflow abuse to execute system commands and expose server data.
SecurityWeek

Critical SmarterMail Vulnerability Exploited in Ransomware Attacks

CISA warns of a new SmarterTools SmarterMail vulnerability exploited by ransomware groups for unauthenticated RCE.

Critical n8n flaws disclosed along with public exploits

Multiple critical vulnerabilities in the popular n8n open-source workflow automation platform allow escaping the confines of ...
Forbes

CVE Program Funding Reinstated—What It Means And What To Do Next

Forbes contributors publish independent expert analyses and insights. Kate O’Flaherty is a cybersecurity and privacy journalist. U.S. President Donald Trump has cut funding for the global database of ...