The Hacker News

CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog

CISA adds an actively exploited SolarWinds Web Help Desk RCE flaw to KEV, ordering federal agencies to patch by February 2026.
Bleeping Computer

Citrix Patches CVE-2019-19781 Flaw in Citrix ADC 11.1 and 12.0

Citrix released permanent fixes for the actively exploited CVE-2019-19781 vulnerability impacting Citrix Application Delivery Controller (ADC), Citrix Gateway, and Citrix SD-WAN WANOP appliances and ...
Bleeping Computer

Citrix ADC CVE-2019-19781 Exploits Released, Fix Now!

Numerous working exploits for the Citrix ADC (NetScaler) CVE-2019-19781 vulnerability are finally here and have been publicly posted in numerous locations. There is no patch available for this ...
PCMag on MSN

Emergency patch issued for Microsoft Office, 365 over hacking threat

Microsoft suggests the threat is being used in phishing attacks against vulnerable systems since successful exploitation requires local access to the PC.

Fixes released for a serious Microsoft Office zero-day flaw

Microsoft is warning admins of an Office security bypass zero day vulnerability that can be triggered simply by a user opening a document. The flaw is currently being actively exploited.