Acrobat Reader has an unpatched zero-day. Stop opening unknown PDFs

According to BleepingComputer, there’s a serious vulnerability in Acrobat Reader that can be exploited to steal sensitive ...

Experts flag Adobe Reader security flaw using booby-trapped PDFs to scope out victims

Adobe Reader contains a dangerous zero-day ...
SecurityWeek

Orthanc DICOM Vulnerabilities Lead to Crashes, RCE

Multiple vulnerabilities in the Orthanc DICOM server could be exploited to cause crashes, leak information, or execute arbitrary code.
CSO Online

Claude uncovers a 13‑year‑old ActiveMQ RCE bug within minutes

The decade-old ActiveMQ flaw was uncovered and weaponized in minutes, showing AI’s exploit-building potential amid the Mythos ...

Hackers Exploit Adobe PDF Flaw for Months to Steal Data, No Fix Yet

A critical Adobe Acrobat zero-day has been exploited for months via malicious PDFs to steal data and potentially take over ...
The Hacker News

Adobe Reader Zero-Day Exploited via Malicious PDFs Since December 2025

Adobe Reader zero-day exploited since Dec 2025 via malicious PDFs, enabling data theft and potential RCE, prompting urgent ...

Max severity Flowise RCE vulnerability now exploited in attacks

Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for ...
The Hacker News

Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances Exposed

CVE-2025-59528 exploited in Flowise for over six months across 12,000+ exposed instances, enabling full system compromise.
Dark Reading

Automated Credential Harvesting Campaign Exploits React2Shell Flaw

An emerging threat cluster is exploiting vulnerable Web-exposed Next.js apps and using an automated tool to steal credentials ...
Microsoft

Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...
SecurityWeek

Critical ShareFile Flaws Lead to Unauthenticated RCE

Two critical-severity ShareFile vulnerabilities allow remote attackers to bypass authentication and execute arbitrary code.

New Progress ShareFile flaws can be chained in pre-auth RCE attacks

Two vulnerabilities in Progress ShareFile, an enterprise-grade secure file transfer solution, can be chained to enable ...