Cisco confirmed that attackers are now exploiting a Unified Communications Manager (Unified CM) vulnerability patched in ...
Roundcube Webmail administrators are being pressed to install emergency updates after maintainers fixed a set of security flaws that could expose email systems to database manipulation, script ...
Switchzilla amid reports of new serious vulnerabilities under attack. First up is a server-side request forgery bug in its Unified Communications Manager tracked as CVE-2026-20230. Cisco disclosed and ...
Cisco Unified CM CVE-2026-20230 is under active exploitation, allowing file writes on WebDialer-enabled systems.
The flaw, CVE-2026-35273, carries a CVSS severity score of 9.8 out of 10 and enables a remote attacker to execute arbitrary code on a PeopleSoft server without supplying any credentials. No password.
One of the world’s most active ransomware groups exploited a critical vulnerability in Oracle’s PeopleSoft software suite and used it to target about 100 customers and extort at least one of them to ...
Cisco disclosed a critical server-side request forgery vulnerability in its Unified Communications Manager platform on Wednesday, and by Thursday morning working proof-of-concept exploit code was ...
A critical vulnerability has been discovered in Angular Server-Side Rendering (SSR) that could allow attackers to manipulate request handling and trigger unauthorized server-side requests. Tracked as ...
The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...
Abstract: Amid the fast growth and development of web applications, the need for security is also ever growing. Security threats such as Server Side Request Forgery and Broken Access Control can lead ...
OpenClaw has patched six new vulnerabilities in its popular agentic AI assistant, covering server-side request forgery (SSRF), missing authentication and path traversal bugs, according to Endor Labs.