Vulnerability

RSS

Sophos Insights

LLM

Exploit

vulnerability

Active Adversary

Pacific Rim

The vulnerability flood is here. Here’s what it means – and how to prepare

We can't control the pace of AI-driven vulnerability discovery, but we can control how fast we respond.

Threat Research

advisory

vulnerability

Adobe Reader

Adobe Reader zero-day vulnerability in active exploitation

Threat Research

advisory

vulnerability

Oracle

Oracle vulnerability (CVE-2026-21992) impacts core products

Threat Research

advisory

vulnerability

SD-WAN

Cisco SD-WAN vulnerabilities (CVE-2026-20127, CVE-2022-20775) in active exploitation

Threat Research

Microsoft Office

vulnerability

advisory

Microsoft Office vulnerability (CVE-2026-21509) in active exploitation

Threat Research

Featured

vulnerability

react2shell

React2Shell flaw (CVE-2025-55182) exploited for remote code execution

Windows Server Update Services (WSUS) vulnerability abused to harvest sensitive data

Threat Research

Featured

vulnerability

Windows Server Update Services

WSUS

Windows Server Update Services (WSUS) vulnerability abused to harvest sensitive data

Naked Security

Patch Tuesday

vulnerability

Zero-day

Microsoft Patch Tuesday: 74 CVEs plus 2 “Exploit Detected” advisories

Naked Security

Firefox

security fix

vulnerability

Firefox fixes a flurry of flaws in the first of two releases this month

Naked Security

Apple

Exploit

triangulation

vulnerability

Zero-day

Apple ships that recent “Rapid Response” spyware patch to everyone, fixes a second zero-day

…