Daily Intel Brief — 2026-03-14

Arc Security Research

CISA Adds Actively Exploited n8n Vulnerability (CVE-2025-68613) to KEV Catalog

What: CISA added CVE-2025-68613 to its Known Exploited Vulnerabilities catalog. This n8n vulnerability involves improper control of dynamically-managed code resources and is confirmed as actively exploited.

Source: www.reddit.com (external)

Applies to: Organizations using n8n workflow automation.

Why it matters: This mandates immediate patching priority for federal agencies and indicates a live attack vector for all organizations.

APT28 Using Malicious LNK Files to Exploit Windows Vulnerability (CVE-2026-21513)

What: The Russian state-sponsored group APT28 was observed exploiting CVE-2026-21513 using malicious Windows Shortcut (.lnk) files with embedded HTML payloads for multi-stage delivery.

Source: www.recordedfuture.com (external)

Applies to: General Windows environments.

Why it matters: This is a current TTP from a high-threat actor combining a new CVE with a classic initial access method.

Critical Windows Kernel and SMB Server EoP Vulnerabilities Patched

What: Microsoft's March 2026 patches include multiple important Elevation of Privilege (EoP) vulnerabilities in the Windows Kernel (e.g., CVE-2026-24287) and SMB Server (e.g., CVE-2026-24294), all with CVSS scores of 7.0-7.8.

Source: www.zerodayinitiative.com (external)

Applies to: General Windows environments.

Why it matters: These local privilege escalation paths are common post-exploitation targets for ransomware and advanced attackers.

New Nuclei Detection Templates for Actively Exploited CVEs

What: ProjectDiscovery released Nuclei templates for critical, actively exploited CVEs including FortiWeb authentication bypass (CVE-2025-64446) and Oracle E-Business Suite SSRF (CVE-2025-61884).

Source: projectdiscovery.io (external)

Applies to: General attack surface management.

Why it matters: These provide immediate, scalable detection capabilities for vulnerabilities known to be under attack.

Project Zero Highlights Windows Security Feature Research and Android ASLR Leaks

What: Google Project Zero detailed research on Windows Administrator Protection security boundaries and discussed the utility of remote ASLR leaks for exploiting Android.

Source: projectzero.google (external)

Applies to: General (Windows/Android security research).

Why it matters: This signals emerging areas of vulnerability research and potential future exploit techniques.

Sources reviewed

21 results scanned
