Three Flaws, One Attack Chain: How SimpleHelp Became Ransomware's Favourite MSP Gateway
SimpleHelp CVE-2024-57727, CVE-2024-57726, and CVE-2024-57728 form an attack chain abused by ransomware actors against MSPs and downstream customers.
Category desk
Exploits
Zero-days, proof-of-concept activity, exploit chains, and emergency patch windows.
CVE-2026-41940: Critical cPanel Auth Bypass Fuels Global Ransomware Wave
CVE-2026-41940 is a critical cPanel and WHM authentication bypass tied to mass exploitation, Sorry ransomware deployment, and an accelerated CISA remediation deadline.
Palo Alto Zero-Day CVE-2026-0300: State-Backed Hackers Had 26 Days of Root-Level Access Before Anyone Knew
A critical unauthenticated PAN-OS User-ID Authentication Portal zero-day, CVE-2026-0300, was exploited for 26 days before public disclosure, giving likely state-backed attackers root-level firewall access.
Fragnesia Linux Kernel Flaw Gives Local Attackers a Public Path to Root
Fragnesia, tracked as CVE-2026-46300, is a Linux kernel local privilege escalation flaw involving ESP/IPsec page-cache corruption, with public proof-of-concept code increasing patch urgency.
CVE-2026-23870: React Server Components DoS Flaw Hits Next.js App Router Apps; How to Reproduce Safely and Patch
A high-severity React Server Components denial-of-service flaw can let unauthenticated attackers degrade vulnerable Next.js App Router apps through crafted Server Function requests.
Fortinet Patches Critical FortiVoice Zero-Day Exploited for Credential Theft and Network Scanning
Fortinet patched CVE-2025-32756, a critical unauthenticated RCE flaw exploited against FortiVoice systems for credential theft, FastCGI debugging and network scanning.
Intel Branch Privilege Injection Flaw Undermines Six Years of Spectre v2 Hardware Defenses
Intel issued microcode mitigations for CVE-2024-45332, a Branch Privilege Injection flaw that can bypass Spectre v2 hardware defenses and leak privileged memory from affected systems.
SAP Patches Second Critical NetWeaver Flaw After Researchers Link It to Chained Zero-Day Attacks
SAP patched CVE-2025-42999, a critical NetWeaver Visual Composer deserialization flaw linked to chained attacks that followed exploitation of CVE-2025-31324.