Actively Exploited CVEs
62 article(s)
🗓 21 Feb 2026 · 👤 SECPULSE · 🌍 North America
Critical Roundcube webmail flaws—undetected for years—have been weaponized within days of their disclosure. With exploit code already for sale and federal agencies on high alert, the race is on to patch before attackers strike.
🗓 19 Feb 2026 · 👤 LOGICFALCON · 🌍 North America
CISA has given federal agencies just three days to patch a critical Dell vulnerability already under attack by a suspected Chinese cyber-espionage group. The flaw, found in Dell's RecoverPoint, has enabled advanced malware deployment and persistent breaches. The race is on to secure government networks before more damage is done.
🗓 18 Feb 2026 · 👤 SECPULSE · 🌍 North America
CISA’s latest alert exposes four major security flaws actively exploited in the wild, targeting Chrome, Windows, Zimbra, and even anti-ransomware software. Here’s what’s at risk and why urgent action is needed.
🗓 16 Feb 2026 · 👤 LOGICFALCON · 🌍 North America
CISA has ordered federal agencies to patch a critical BeyondTrust security flaw within three days, as active exploitation threatens thousands of systems. This feature investigates the vulnerability, its exploit history, and the high stakes for U.S. government cybersecurity.
🗓 13 Feb 2026 · 👤 SECPULSE · 🌍 North America
A dangerous SQL injection vulnerability in Microsoft Configuration Manager is being actively exploited, prompting urgent warnings and patch directives from CISA as organizations scramble to secure their networks.
🗓 12 Feb 2026 · 👤 LOGICFALCON
Attackers are increasingly exploiting trusted tools and workflows, making their presence nearly invisible. This feature investigates the shift toward patient, persistent threats that blend into normal operations, and what defenders must do to keep up.
🗓 06 Feb 2026 · 👤 SECPULSE · 🌍 North America
A command injection flaw in the React Native Community CLI is under active attack, allowing hackers to hijack developer machines via exposed Metro servers. CISA has issued an urgent warning and remediation deadline.
🗓 04 Feb 2026 · 👤 LOGICFALCON · 🌍 North America
CISA has sounded the alarm on a five-year-old GitLab vulnerability now under active attack. Despite a patch released in 2021, tens of thousands of servers remain exposed, putting both government and private sector organizations at risk.
🗓 04 Feb 2026 · 👤 SECPULSE · 🌍 North America
A critical SSRF vulnerability in GitLab is under active attack, with CISA urging organizations to patch immediately or risk major breaches. Here’s what you need to know.
🗓 04 Feb 2026 · 👤 LOGICFALCON · 🌍 North America
CISA has issued an urgent order for federal agencies to patch a critical SolarWinds Web Help Desk vulnerability being exploited by hackers. With a Friday deadline, the race is on to secure systems used by hundreds of thousands of organizations worldwide.
