🚨Upozorňujeme na kritickou zranitelnost v Google Chrome, CVE-2026-2441. Jedná se o zranitelnost typu use-after-free (poškození paměti) v modulu pro vykreslování CSS v prohlížeči Google Chrome. Zranitelnost lze zneužít vzdáleně prostřednictvím škodlivého webového obsahu – útočník

Researchers found a stack overflow in Grandstream GXP1600 phones (CVE-2026-2329, 9.3 CVSS). A crafted API request can overwrite memory and run code remotely—no login required. Post-exploitation includes credential theft and VoIP call interception via rogue SIP proxy. 🔗 Read →

CVE-2026-2329: Critical Unauthenticated Stack Buffer Overflow in Grandstream GXP1600 VoIP Phones rapid7.com/blog/post/ve-c…

Vulnerabilities in Popular PDF Platforms Allowed Account Takeover, Data Exfiltration securityweek.com/vulnerabilitie…

⚡ Android trojan "Massiv" is using fake IPTV apps to hijack devices and drain bank accounts. It enables full remote control, screen streaming, SMS theft & banking overlays to capture credentials and run fraudulent transactions unnoticed. 🔗 Details → thehackernews.com/2026/02/fake-i…

⚠️ Internet-Facing WHD Servers Become Entry Points for Multistage Attacks darkreading.com/vulnerabilitie… Attackers are actively targeting exposed SolarWinds Web Help Desk (WHD) instances, exploiting critical flaws like CVE-2025-40551. Microsoft and Huntress observed multistage

Warning: #F5 BIG-IP TMM vulnerability, #CVE-2026-2507, affecting #BIG-IP #AFM and #DDoS Hybrid Defender  allows a remote unauthenticated attacker to cause denial-of-service #DoS! ccb.belgium.be/advisories/war… #Patch #Patch #Patch

🛑 Microsoft patched a Windows Admin Center flaw enabling privilege escalation across managed systems. CVE-2026-26119 (CVSS 8.8) stems from improper authentication and could grant rights equal to the running user. 🔗 Read → thehackernews.com/2026/02/micros…

⚠️ Splunk Enterprise for Windows Vulnerability Let Attackers Gain SYSTEM Access Source: cybersecuritynews.com/splunk-enterpr… Splunk has disclosed a high-severity vulnerability in Splunk Enterprise for Windows that allows a low-privileged local user to escalate their privileges to SYSTEM

Warning: #CISA warns of a critical authentication bypass vulnerability, #CVE-2026-1670, in #Honeywell CCTVs allowing unauthorized access or account hijacking. CISA advises to isolate camera systems from Internet, use firewalls, and place remote devices behind secure networks.

Predator spyware hooks iOS SpringBoard to hide mic, camera activity - Bill Toulas bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

Critical Grandstream Phone Vulnerability Exposes Calls to Interception securityweek.com/critical-grand…

Recent RoundCube Webmail Vulnerability Exploited in Attacks securityweek.com/recent-roundcu…

CISA: Recently patched RoundCube flaws now exploited in attacks - Sergiu Gatlan bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

SolarWinds has patched four critical Serv-U remote code execution vulnerabilities that could grant attackers root access to unpatched servers. bleepingcomputer.com/news/security/…

⚠️ Multiple VMware Aria Vulnerabilities Allow Remote Code Execution Attacks Source: cybersecuritynews.com/vmware-aria-vu… Three vulnerabilities in VMware Aria Operations that pose risks, including remote code execution. Organizations using affected products should prioritize patching to

Warning: Critical PHP deserialization flaw in #Roundcube Webmail. #CVE-2025-49113 CVSS: 9.9. Authenticated users can trigger #RCE via crafted requests. Actively exploited by ransomware groups. #Patch #Patch #Patch More info: ccb.belgium.be/advisories/war…

⚠️ ALERT: SolarWinds patched four critical 9.1 CVSS flaws in Serv-U that can lead to remote code execution as root. SolarWinds says there’s no sign of active attacks, but earlier Serv-U flaws were used by Storm-0322. 🔗 Details → thehackernews.com/2026/02/solarw…

U.S. CISA adds a flaw in Soliton Systems K.K FileZen to its Known Exploited Vulnerabilities catalog securityaffairs.com/188473/hacking…

🚨 IceWarp has recently disclosed several high-severity vulnerabilities that pose a significant risk to unpatched servers. Attackers can exploit these flaws to achieve unauthorized server access, execute arbitrary code, and perform unauthorized file reading. 🔍 Identify Targets