Vulnerabilities News – SecurityWeek Cybersecurity News, Insights & Analysis
- Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant
by Ionut Arghire on March 2, 2026 at 3:26 pmMalicious extensions could hijack the Gemini Live in Chrome feature to spy on users and steal their files. The post Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant appeared first on SecurityWeek.
- OpenClaw Vulnerability Allowed Websites to Hijack AI Agentsby Ionut Arghire on March 2, 2026 at 2:26 pm
Malicious websites could open a WebSocket connection to localhost on the OpenClaw gateway port, brute force passwords, and take control of the agent. The post OpenClaw Vulnerability Allowed Websites to Hijack AI Agents appeared first on SecurityWeek.
- 900 Sangoma FreePBX Instances Infected With Web Shellsby Ionut Arghire on February 27, 2026 at 1:24 pm
The attacks exploited a post-authentication command injection vulnerability in the endpoint manager’s interface. The post 900 Sangoma FreePBX Instances Infected With Web Shells appeared first on SecurityWeek.
- Juniper Networks PTX Routers Affected by Critical Vulnerabilityby Eduard Kovacs on February 27, 2026 at 10:39 am
An out-of-band security update for Junos OS Evolved patches the remote code execution vulnerability CVE-2026-21902. The post Juniper Networks PTX Routers Affected by Critical Vulnerability appeared first on SecurityWeek.
- Claude Code Flaws Exposed Developer Devices to Silent Hackingby Eduard Kovacs on February 26, 2026 at 1:37 pm
Anthropic has patched vulnerabilities whose impact was demonstrated by Check Point via malicious configuration files. The post Claude Code Flaws Exposed Developer Devices to Silent Hacking appeared first on SecurityWeek.
- Zyxel Patches Critical Vulnerability in Many Device Modelsby Ionut Arghire on February 26, 2026 at 12:09 pm
The issue impacts the UPnP function of multiple device models and could be exploited for remote code execution. The post Zyxel Patches Critical Vulnerability in Many Device Models appeared first on SecurityWeek.
- Trend Micro Patches Critical Apex One Vulnerabilitiesby Eduard Kovacs on February 26, 2026 at 9:56 am
TrendAI has fixed eight critical and high-severity issues in Windows and macOS endpoint security products. The post Trend Micro Patches Critical Apex One Vulnerabilities appeared first on SecurityWeek.
- Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackersby Ionut Arghire on February 26, 2026 at 9:18 am
Already added to CISA’s KEV catalog, the flaw allows attackers to bypass authentication and gain administrative privileges. The post Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers appeared first on SecurityWeek.
- SolarWinds Patches Four Critical Serv-U Vulnerabilitiesby Ionut Arghire on February 25, 2026 at 3:30 pm
The four security defects could be exploited for remote code execution but require administrative privileges. The post SolarWinds Patches Four Critical Serv-U Vulnerabilities appeared first on SecurityWeek.
- VMware Aria Operations Vulnerability Could Allow Remote Code Executionby Eduard Kovacs on February 24, 2026 at 2:30 pm
Broadcom has patched several vulnerabilities in VMware Aria Operations, including high-severity flaws. The post VMware Aria Operations Vulnerability Could Allow Remote Code Execution appeared first on SecurityWeek.
