Latest news
Vulnerability
CISA Warns of Actively Exploited Microsoft Exchange Server XSS Flaw — Patch by May 29
19 May 2026 dark6
CISA has added CVE-2026-42897, a cross-site scripting vulnerability in Microsoft Exchange Server's Outlook Web Access, to its Known Exploited Vulnerabilities...
Vulnerability
Hackers Actively Exploiting Critical NGINX RCE Vulnerability in the Wild
19 May 2026 dark6
Hackers are actively exploiting CVE-2026-42945, a critical heap buffer overflow in NGINX Open Source and NGINX Plus, with real-world attacks...
Vulnerability
New Ivanti EPMM Zero-Day CVE-2026-6973 Actively Exploited — Patch Immediately
8 May 2026 dark6
Ivanti has confirmed active exploitation of CVE-2026-6973, a new zero-day vulnerability in its on-premises Endpoint Manager Mobile (EPMM) product. The...