The Hacker News

Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access

Cisco warns CVE-2026-20127 (CVSS 10.0) in SD-WAN is exploited since 2023 to gain admin access; CISA adds it to KEV and ...

Critical Cisco SD-WAN bug exploited in zero-day attacks since 2023

Cisco is warning that a critical authentication bypass vulnerability in Cisco Catalyst SD-WAN, tracked as CVE-2026-20127, was ...

Microsoft: critical privilege escalation vulnerability in Windows Admin Center

In Windows Admin Center, attackers can escalate their privileges. Microsoft classifies this as critical and advises admins to ...
Dark Reading

Dell's Hard-Coded Flaw: A Nation-State Goldmine

A China-related attacker has exploited the vendor flaw since mid-2024, allowing it to move laterally, maintain persistent ...

China-linked snoops have been exploiting Dell 0-day since mid-2024, using 'ghost NICs' to avoid detection

Full scale of infections remains 'unknown' China-linked attackers exploited a maximum-severity hardcoded-credential bug in ...
CSO Online

The ephemeral infrastructure paradox: Why short-lived systems need stronger identity governance

Your cloud isn’t at risk because it’s fast; it’s at risk because thousands of invisible machine identities outlive your control.
CSO Online

Chinese hackers exploited zero-day Dell RecoverPoint flaw for 1.5 years

A suspected Chinese espionage group exploited hardcoded admin credentials in Dell RecoverPoint for Virtual Machines to deploy ...
THE WEEK

Admin night: the TikTok trend turning paperwork into a party

At times, the simplest tasks, such as responding to emails, scheduling appointments and paying bills, can pile up. Then you suddenly have one daunting mountain of to-dos. Tackling such monotonous ...

The best hosted endpoint security software of 2026: Expert tested

Endpoint protection and response platforms cover everything from AI-powered ransomware detection to insider risk monitoring.
HotHardware

Millions At Risk As Attackers Exploit This Alarming WinRAR Security Flaw

Remember the WinRAR path handling exploit we reported on back in August? According to Google, that same flaw, officially dubbed CVE-2025-8088, is still being actively exploited, even though versions ...