Known Exploited Vulnerabilities and counting....
A known exploited vulnerability (KEV) refers to a software vulnerability that is being actively exploited by cybercriminals or threat actors. When a vulnerability becomes known to be exploited in the wild, it signals that the vulnerability poses a significant and imminent risk to organizations.
Common Vulnerability and Exposure
CVEs form a database of known security vulnerabilities that are actively tracked and managed by a group of organizations, such as the U.S. National Cyber Security Alliance. CVEs are an important tool for network security management because they not only provide an inventory of existing vulnerabilities, but also provide information about how the vulnerability can be exploited and instructions on how to protect against it.
Search Known Exploits
Search for CVEs by vendor to identify known exploited vulnerabilities in your environment
CVE = Common Vulnerability and Exposure
CVE OF THE WEEK:
Palo Alto Networks
PAN-OS
Patch deadline: a year ago on 01/20/2025
CVE-2024-3393
Palo Alto Networks PAN-OS contains a vulnerability in parsing and logging malformed DNS packets in the DNS Security feature that, when exploited, allows an unauthenticated attacker to remotely reboot the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.
Palo Alto Networks PAN-OS Malformed DNS Packet Vulnerability
Learn more about this CVE: paloaltonetworks.com
Cyber Security News
You may have missed...
*
Inside a cyberattack: How hackers steal data
The truth about cybersecurity is that it's almost impossible to keep hackers outside of an organization, particularly as the cybercrime industry ...
Security Risks of AI Chatbots in Crypto Transactions - OneSafe Blog
AI chatbots pose security risks in crypto transactions. Discover mitigation strategies and lessons from Amazon's integration for safer digital ...
Hacker Drains $27M From Multi-Sig Wallet, Launders $19M via Tornado Cash
The incident, first detected by blockchain security firm PeckShield, marks the latest in a series of major exploits targeting crypto holders in early ...
Bitcoin Payments: Who Accepts Bitcoin and Other Cryptocurrencies in 2026 | Ledger
In this article, Ledger Academy explores the businesses accepting crypto today, the different ways you can spend your assets, and the vital security ....
What Healthcare Organizations Should Know About Advanced Persistent Threats
These long-term attacks are a real concern for an industry that is frequently targeted with ransomware.
Exploited vulnerabilities accelerated in 2025, CISA KEV catalog shows - SC Magazine
Notably, 24 of the vulnerabilities added in 2025 were confirmed to be exploited by ransomware groups, targeting vendors such as Microsoft, Apple, and ...
Risky shadow AI use remains widespread - Cybersecurity Dive
“This combination of novel AI-driven threats and legacy security concerns defines the evolving threat landscape for 2026,” Netskope said in its report...
Jaguar Land Rover reports fiscal Q3 sales slump following cyberattack - Cybersecurity Dive
The hack forced the automaker to halt production for weeks and caused disruptions across the supply chain.
Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from ... - The Hacker News
Cybersecurity researchers have discovered two new malicious extensions on the Chrome Web Store that are designed to exfiltrate OpenAI ChatGPT and ...
Updated daily