The Hacker News

Hackers Exploit CVE-2025-32975 (CVSS 10.0) to Hijack Unpatched Quest KACE SMA Systems

CVE-2025-32975 exploited since March 2026 on unpatched KACE SMA systems, enabling admin takeover and payload delivery.
DataBreachToday

Beyond CVSS: OT Security Looks for Its Risk Methodology

A mainstay of IT security programs across the world, the Common Vulnerability Scoring System, may have terminal flaws when ...
The Hacker News

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE

CVE-2026-32746 exposes telnetd via pre-auth flaw (CVSS 9.8), enabling root RCE through port 23, risking full system takeover.
Infosecurity-magazine.com

Beyond the Score: Rethinking Vulnerability Management in a Contextual Era

Picture the scenario: you log into your vulnerability management dashboard on a Monday morning. The scan ran overnight, and the report lights up with a dozen new high-severity CVEs. One stands out ...

Intel warns of high-severity vulnerabilities in a swathe of its products, with patches on the way

Just don't let strangers near your rig soon, or any time really.
SecurityWeek

Recent Ivanti Endpoint Manager Flaw Exploited in Attacks

CISA warns that a high-severity Ivanti Endpoint Manager vulnerability disclosed and patched last month has been exploited in ...
SecurityWeek

SAP Patches Critical FS-QUO, NetWeaver Vulnerabilities

SAP released 15 new security notes on its March 2026 Security Patch Day, including two that resolve critical vulnerabilities ...
Hosted on MSN

Vulnerability scores, huh, what are they good for? Almost nothing

Aram Hovespyan, co-founder and CEO of security biz Codific, says that the rating systems for identifying security vulnerabilities and assessing threat risk need to be overhauled.… Having examined the ...
Infosecurity Magazine

Critical Zero-Click Flaw in n8n Allows Full Server Compromise

The critical vulnerability affecting both cloud and self-hosted n8n instances requires no authentication or even n8n account ...