latesthackingnews.com

CVE-2026-48907: How the Joomla JCE Exploit Works and What to Do About It

CVE-2026-48907 in the Joomla JCE plugin lets unauthenticated attackers drop PHP web shells with a single crafted request.
Tech Times

Cisco Unified CM SSRF Flaw CVE-2026-20230: Public Exploit Code Opens Path to Root

Cisco Unified Communications Manager vulnerability CVE-2026-20230 allows unauthenticated attackers to gain root access via ...
Hosted on MSN

ChatGPT hit by a zero-click, server-side vulnerability that criminals can use to siphon sensitive data - here's how to stay safe

Enterprises are increasingly using AI tools such as ChatGPT’s Deep Research agent to analyze emails, CRM data, and internal reports for strategic decision-making, experts have warned. These platforms ...
SecurityWeek

New Windows Zero-Day Exploit ‘RoguePlanet’ Released

A security researcher has released RoguePlanet, a Windows zero-day exploit leading to local privilege escalation to SYSTEM.