T1203 - Exploitation for Client Execution is a mitre_attack tracked across 50 threat clusters and 291 intelligence report mentions on ThreatCluster. First observed November 7, 2025; most recent activity July 17, 2026.
APT28 has actively exploited a zero-day vulnerability in MSHTML affecting all Windows versions, which has a CVSS score of 8.8. The vulnerability allows for security bypass and poses significant risks to users. A patch…
Active exploitation of two critical vulnerabilities has been reported: CVE-2026-20230 in Cisco Unified CM and CVE-2026-20971 in Samsung KNOX. The Cisco flaw, a server-side request forgery (SSRF), poses an immediate…
OpenSSL has patched a high-severity stack buffer overflow vulnerability, tracked as CVE-2025-15467. This flaw allows unauthenticated attackers to trigger denial-of-service conditions and potentially execute remote code…
Russian state-backed hackers from APT28 are actively exploiting a high-severity stored cross-site scripting vulnerability (CVE-2025-66376) in the Zimbra Collaboration Suite (ZCS) to target Ukrainian government entities.…
On April 3, 2025, Ivanti disclosed CVE-2025-22457, a critical buffer overflow vulnerability affecting Ivanti Connect Secure and other products. The vulnerability allows unauthenticated remote code execution, and…
The Cybersecurity and Infrastructure Security Agency (CISA) has mandated that U.S. federal agencies patch a critical vulnerability in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1340, by April 11, 2026.…
An advanced persistent threat actor exploited zero-day vulnerabilities in Cisco Identity Service Engine and Citrix NetScaler products. The attacks utilized custom malware and were detected by Amazon's MadPot honeypot…
A critical vulnerability in FortiWeb Web Application Firewall (WAF) has been actively exploited, allowing attackers to gain full administrative access to affected systems. Organizations using FortiWeb are at risk of…
Hackers are exploiting a critical vulnerability in PTC Windchill and FlexPLM, tracked as CVE-2026-12569, which allows remote code execution due to an unsafe deserialization flaw. This vulnerability affects product…
SiYuan, an open-source personal knowledge management system, has disclosed a critical stored cross-site scripting (XSS) vulnerability that can escalate to remote code execution (RCE) in its Electron desktop client. The…