TechRadar

Vulnerability in Identity Service Engine with exploit code patched by Cisco

CVE-2026-20029 in Cisco ISE/ISE-PIC allows arbitrary file reads via malicious XML uploads Exploitation requires valid admin credentials; no workarounds exist—patching is the only fix PoC exploit ...
SecurityWeek

Exploit for VMware Zero-Day Flaws Likely Built a Year Before Public Disclosure

Analysis of a recent attack targeting VMware ESXi vulnerabilities from March 2025 revealed an exploit developed a year before ...
The Register on MSN

Patch Cisco ISE bug now before attackers abuse proof-of-concept exploit

No reports of active exploitation … yet Cisco patched a bug in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) products that allows remote attackers with admin-level ...
Business Wire

VulnCheck Launches Catalog of Known Exploited Vulnerabilities Fused with Exploit Intelligence

LEXINGTON, Mass.--(BUSINESS WIRE)--VulnCheck, the exploit intelligence company, today announced the launch of the VulnCheck Known Exploited Vulnerabilities (KEV) catalog. The free offering, available ...
CSOonline

CISOs advised to rethink vulnerability management as exploits sharply rise

Surge in vulnerabilities and exploits leaving overloaded security teams with little recourse but to embrace risk-based approaches to patching what they can. Enterprise attack surfaces continue to ...
WeLiveSecurity

RomCom exploits Firefox and Windows zero days in the wild

ESET researchers discovered a previously unknown vulnerability in Mozilla products, exploited in the wild by Russia-aligned group RomCom. This is at least the second time that RomCom has been caught ...