Synacktiv

Urgent: CISA Confirms Active Attacks Exploiting Critical Microsoft SCCM Flaw

February 15, 2026

A critical SQL injection vulnerability (CVE-2024-43468) in Microsoft Configuration Manager is now being actively exploited, allowing unauthenticated attackers to execute…

Cybersecurity

Synology Patches Critical BeeStation Flaws Exposed at Pwn2Own

November 13, 2025

Synology released a critical security update for BeeStation devices to fix a remote code execution vulnerability (CVE-2025-12686) caused by an…

BigTech Companies

Urgent: Patch Windows SMB Flaw Being Actively Exploited

October 25, 2025

A critical Windows SMB Client vulnerability (CVE-2025-33073) is being actively exploited, allowing attackers to gain SYSTEM-level privileges through a malicious…

Cybersecurity

VMware patches critical ESXi zero-day bugs exploited at Pwn2Own

July 19, 2025

VMware released critical security updates for four vulnerabilities in ESXi, Workstation, Fusion, and Tools, originally exploited as zero-days during Pwn2Own…