latesthackingnews.com

CVE-2026-48907: How the Joomla JCE Exploit Works and What to Do About It

CVE-2026-48907 in the Joomla JCE plugin lets unauthenticated attackers drop PHP web shells with a single crafted request.
Dark Reading

Stealth Bomber: Atlassian Confluence Exploits Drop Web Shells In-Memory

Fresh proof-of-concept (PoC) exploits are circulating in the wild for a widely targeted Atlassian Confluence Data Center and Confluence Server flaw. The new attack vectors could enable a malicious ...
Threat Post

APT ‘Aquatic Panda’ Targets Universities with Log4Shell Exploit Tools

Researchers from CrowdStrike disrupted an attempt by the threat group to steal industrial intelligence and military secrets from an academic institution. Cyber criminals, under the moniker Aquatic ...
techtimes

Log4Shell Exploit Could Take Months or Years to Solve Because of its Ubuquity, Cybersecurity Experts Say

The existence of the Log4j flaw will continue to haunt internet users for months if not years, according to cybersecurity experts. Sigmund from Unsplash The most recent attacks alerted the security ...