Sentire says attacks began June 29 against a CVSS 9.6 OS command injection flaw that enables unauthenticated code execution.
On June 29, 2026, eSentire’s Threat Response Unit (TRU) identified active, in-the-wild exploitation attempts targeting a critical flaw in Progress Kemp LoadMaster appliances, tracked as CVE-2026-8037.
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three new flaws in its Known Exploited Vulnerabilities (KEV) catalog, including a critical OS command injection impacting ...