RCE

ISC Stormcast: SAP NetWeaver Exploits and Steganographic Malware Trends

Threat Intelligence

ISC Stormcast: SAP NetWeaver Exploits and Steganographic Malware Trends

The SANS Internet Storm Center (ISC) Stormcast for April 29, 2025, highlights critical cybersecurity threats, including active...

GFI MailEssentials .NET Deserialization Vulnerability (CVE-2025-34491) Allows Remote Code Execution

CVE News

GFI MailEssentials .NET Deserialization Vulnerability (CVE-2025-34491) Allows Remote Code Execution

A critical vulnerability (CVE-2025-34491) in GFI MailEssentials enables authenticated attackers to execute arbitrary code through .NET deserialization...

Critical Server-Side Template Injection Vulnerability in IPW Systems Metazo (CVE-2025-46661)

CVE News

Critical Server-Side Template Injection Vulnerability in IPW Systems Metazo (CVE-2025-46661)

A critical vulnerability (CVE-2025-46661) has been identified in IPW Systems Metazo versions up to 8.1.3, allowing unauthenticated...

CVE-2015-2079: Critical Remote Code Execution Vulnerability in Usermin

CVE News

CVE-2015-2079: Critical Remote Code Execution Vulnerability in Usermin

A critical vulnerability (CVE-2015-2079) in Usermin, a web-based administration tool, allows authenticated attackers to execute arbitrary code...

Global Surge in Automated Scanning Activity: Threat Landscape Analysis

Threat Intelligence

Global Surge in Automated Scanning Activity: Threat Landscape Analysis

The cybersecurity landscape continues to evolve with increasing automation, as evidenced by a 16.7% year-over-year rise in...

CISA Expands Known Exploited Vulnerabilities Catalog with Three Critical Flaws

CVE News

CISA Expands Known Exploited Vulnerabilities Catalog with Three Critical Flaws

The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with three...

ISC Stormcast April 28, 2025: Key Cybersecurity Threats and Tools

Threat Intelligence

ISC Stormcast April 28, 2025: Key Cybersecurity Threats and Tools

The latest episode of the SANS Internet Storm Center (ISC) Stormcast, released on April 28, 2025, covers...

IXON VPN Client Vulnerabilities: Technical Analysis of Privilege Escalation Flaws

CVE News

IXON VPN Client Vulnerabilities: Technical Analysis of Privilege Escalation Flaws

Security researchers at Shelltrail have identified three critical vulnerabilities in the IXON VPN client that could allow...

Quick Agent Path Traversal Vulnerability (CVE-2025-26692): Analysis and Mitigation

CVE News

Quick Agent Path Traversal Vulnerability (CVE-2025-26692): Analysis and Mitigation

A critical path traversal vulnerability (CVE-2025-26692) affecting SIOS Technology’s Quick Agent (V2 and V3) has been disclosed,...

iPhone “Infostealer” Malware Threat: Analysis and Mitigation (2025 Update)

Threat Intelligence

iPhone “Infostealer” Malware Threat: Analysis and Mitigation (2025 Update)

A new wave of cyberattacks targeting iPhone users has emerged, with malware dubbed “Infostealer” compromising millions of...

Windows “inetpub” Security Fix Exploited to Block Future Updates: Technical Analysis

CVE News

Windows “inetpub” Security Fix Exploited to Block Future Updates: Technical Analysis

A recent Windows security update designed to mitigate a privilege escalation vulnerability has inadvertently introduced a new...

Moodle EQUELLA Remote Code Execution Vulnerability (CVE-2025-3642): Analysis and Mitigation

CVE News

Moodle EQUELLA Remote Code Execution Vulnerability (CVE-2025-3642): Analysis and Mitigation

A high-severity remote code execution (RCE) vulnerability (CVE-2025-3642) has been identified in Moodle’s EQUELLA repository integration, posing...

ScreenConnect ASP.NET ViewState Code Injection Vulnerability (CVE-2025-3935): Analysis and Mitigation

CVE News

ScreenConnect ASP.NET ViewState Code Injection Vulnerability (CVE-2025-3935): Analysis and Mitigation

A high-severity vulnerability (CVE-2025-3935) affecting ScreenConnect versions 25.2.3 and earlier has been disclosed, involving ASP.NET ViewState code...

Analysis of Actively Exploited Chrome UAF Vulnerabilities and Mitigation Strategies

CVE News

Analysis of Actively Exploited Chrome UAF Vulnerabilities and Mitigation Strategies

Google Chrome recently faced two critical use-after-free (UAF) vulnerabilities that were actively exploited in the wild before...

Sophisticated WooCommerce Phishing Campaign Exploits Fake Security Alerts

Blue-Team

Sophisticated WooCommerce Phishing Campaign Exploits Fake Security Alerts

A widespread phishing campaign targeting WooCommerce store owners has been identified, leveraging fabricated security vulnerability alerts to...

Metasploit Enhances AD CS Exploitation Capabilities with New PKCS12 Features

Red-Team

Metasploit Enhances AD CS Exploitation Capabilities with New PKCS12 Features

The latest Metasploit Framework update introduces significant improvements for Active Directory Certificate Services (AD CS) exploitation, particularly...

News

Popular LLMs Generate Vulnerable Code by Default: Risks and Mitigations

A recent study by Backslash Security reveals that popular large language models (LLMs) frequently produce code containing...

ISC Stormcast: SMS Gateway Scans, Commvault Exploit, and Emerging Threats (April 25, 2025)

Threat Intelligence

ISC Stormcast: SMS Gateway Scans, Commvault Exploit, and Emerging Threats (April 25, 2025)

The SANS Internet Storm Center (ISC) Stormcast for April 25, 2025, highlights critical cybersecurity developments, including SMS...

iPhone Malware Threat: Infostealer Campaign Targets 26M Users

Threat Intelligence

iPhone Malware Threat: Infostealer Campaign Targets 26M Users

A widespread malware campaign targeting iPhone users has escalated, with security experts warning of a surge in...

Critical RCE Vulnerability in Quantum StorNext Web GUI API (CVE-2025-46616)

CVE News

Critical RCE Vulnerability in Quantum StorNext Web GUI API (CVE-2025-46616)

A critical vulnerability (CVE-2025-46616) has been identified in Quantum StorNext Web GUI API versions prior to 7.2.4,...

Posts pagination

Previous 1 … 3 4 5 6 7 8 9 … 11 Next

RCE

ISC Stormcast: SAP NetWeaver Exploits and Steganographic Malware Trends

GFI MailEssentials .NET Deserialization Vulnerability (CVE-2025-34491) Allows Remote Code Execution

Critical Server-Side Template Injection Vulnerability in IPW Systems Metazo (CVE-2025-46661)

CVE-2015-2079: Critical Remote Code Execution Vulnerability in Usermin

Global Surge in Automated Scanning Activity: Threat Landscape Analysis

CISA Expands Known Exploited Vulnerabilities Catalog with Three Critical Flaws

ISC Stormcast April 28, 2025: Key Cybersecurity Threats and Tools

IXON VPN Client Vulnerabilities: Technical Analysis of Privilege Escalation Flaws

Quick Agent Path Traversal Vulnerability (CVE-2025-26692): Analysis and Mitigation

iPhone “Infostealer” Malware Threat: Analysis and Mitigation (2025 Update)

Windows “inetpub” Security Fix Exploited to Block Future Updates: Technical Analysis

Moodle EQUELLA Remote Code Execution Vulnerability (CVE-2025-3642): Analysis and Mitigation

ScreenConnect ASP.NET ViewState Code Injection Vulnerability (CVE-2025-3935): Analysis and Mitigation

Analysis of Actively Exploited Chrome UAF Vulnerabilities and Mitigation Strategies

Sophisticated WooCommerce Phishing Campaign Exploits Fake Security Alerts

Metasploit Enhances AD CS Exploitation Capabilities with New PKCS12 Features

Popular LLMs Generate Vulnerable Code by Default: Risks and Mitigations

ISC Stormcast: SMS Gateway Scans, Commvault Exploit, and Emerging Threats (April 25, 2025)

iPhone Malware Threat: Infostealer Campaign Targets 26M Users

Critical RCE Vulnerability in Quantum StorNext Web GUI API (CVE-2025-46616)

You may have missed

Adobe Analytics Data Leak: Architectural Failure Exposes Cross-Tenant Data

Snapchat’s Shift to Paid Storage: A Technical Analysis of Cloud Service Monetization

Google’s Developer Registration Policy Threatens F-Droid’s Existence

Google Drive for Desktop Deploys AI-Powered Ransomware Detection and Recovery