vulnerability

Public Exploit Details Emerge for Critical Cisco IOS XE Vulnerability (CVE-2025-20188)

CVE News

Public Exploit Details Emerge for Critical Cisco IOS XE Vulnerability (CVE-2025-20188)

Technical details surrounding CVE-2025-20188, a maximum-severity arbitrary file upload vulnerability affecting Cisco IOS XE Wireless LAN Controller...

ConnectWise ScreenConnect Breach: Nation-State Attack Analysis and Mitigation

APT-News

ConnectWise ScreenConnect Breach: Nation-State Attack Analysis and Mitigation

ConnectWise, a leading IT management software provider, confirmed a cyberattack targeting its ScreenConnect remote access tool in...

Apple Safari Fullscreen BitM Attack: Exploitation and Mitigation

CVE News

Apple Safari Fullscreen BitM Attack: Exploitation and Mitigation

A newly identified weakness in Apple’s Safari browser enables attackers to execute fullscreen browser-in-the-middle (BitM) attacks, potentially...

PumaBot: A New Go-Based Botnet Targeting IoT Devices via SSH Brute-Forcing

Red-Team

PumaBot: A New Go-Based Botnet Targeting IoT Devices via SSH Brute-Forcing

A newly discovered botnet named **PumaBot** is actively targeting Linux-based IoT devices by brute-forcing SSH credentials to...

ASUS Router Botnet “AyySSHush” Deploys Persistent SSH Backdoors: Technical Analysis

Threat Intelligence

ASUS Router Botnet “AyySSHush” Deploys Persistent SSH Backdoors: Technical Analysis

Over 9,000 ASUS routers have been compromised by the “AyySSHush” botnet, which installs persistent SSH backdoors to...

Prioritizing Exploitable Vulnerabilities: Cutting Through the Noise of CVSS Scores

Blue-Team

Prioritizing Exploitable Vulnerabilities: Cutting Through the Noise of CVSS Scores

Security teams are inundated with vulnerability alerts daily, but not every “critical” CVE warrants an emergency response....

Emergency Update Resolves Hyper-V VM Freezes on Windows Server 2022

News

Emergency Update Resolves Hyper-V VM Freezes on Windows Server 2022

Microsoft has released an out-of-band (OOB) update to address a critical issue causing Hyper-V virtual machines (VMs)...

Malicious NPM Packages Exfiltrate Host and Network Data via Discord Webhooks

Threat Intelligence

Malicious NPM Packages Exfiltrate Host and Network Data via Discord Webhooks

Security researchers have identified 60 malicious packages in the NPM registry that collect sensitive host and network...

FTC Mandates GoDaddy Security Overhaul Following Systemic Data Breaches

Cyber Laws & Regulations

FTC Mandates GoDaddy Security Overhaul Following Systemic Data Breaches

The Federal Trade Commission (FTC) has finalized a settlement requiring GoDaddy to implement sweeping security reforms after...

Critical Unpatched Vulnerabilities in Versa Concerto Expose Systems to Auth Bypass and RCE

CVE News

Critical Unpatched Vulnerabilities in Versa Concerto Expose Systems to Auth Bypass and RCE

Multiple critical vulnerabilities in Versa Networks’ Concerto platform remain unpatched, exposing enterprise networks to authentication bypass and...

Critical SAMLify SSO Vulnerability Enables Admin Impersonation via Signature Wrapping

CVE News

Critical SAMLify SSO Vulnerability Enables Admin Impersonation via Signature Wrapping

A critical authentication bypass vulnerability (CVE-2025-47949) in the Node.js SAML library samlify allows attackers to forge admin-level...

Malicious Chrome Extensions Impersonating VPNs and AI Tools Steal User Data

Threat Intelligence

Malicious Chrome Extensions Impersonating VPNs and AI Tools Steal User Data

A recent campaign involving over 100 malicious Google Chrome extensions has been discovered impersonating legitimate tools such...

Critical Privilege Escalation Vulnerability in WordPress Motors Theme (CVE-2025-4322)

CVE News

Critical Privilege Escalation Vulnerability in WordPress Motors Theme (CVE-2025-4322)

A critical privilege escalation vulnerability (CVE-2025-4322) has been identified in the premium WordPress Motors theme, allowing unauthenticated...

O2 UK VoLTE/WiFi Calling Flaw Exposes User Location via Call Metadata

CVE News

O2 UK VoLTE/WiFi Calling Flaw Exposes User Location via Call Metadata

A recently discovered vulnerability in O2 UK’s implementation of Voice over LTE (VoLTE) and WiFi Calling technologies...

Microsoft Resolves Linux Boot Issues Caused by August 2024 Windows Security Updates

CVE News

Microsoft Resolves Linux Boot Issues Caused by August 2024 Windows Security Updates

Microsoft has addressed a critical issue affecting dual-boot systems where Linux distributions failed to boot after installing...

Ivanti EPMM Zero-Days Exploited in Chained Remote Code Execution Attacks

CVE News

Ivanti EPMM Zero-Days Exploited in Chained Remote Code Execution Attacks

Ivanti has issued an urgent patch advisory for two zero-day vulnerabilities (CVE-2025-4427 and CVE-2025-4428) affecting its Endpoint...

Microsoft May 2025 Patch Tuesday: 5 Exploited Zero-Days and 72 Flaws Addressed

CVE News

Microsoft May 2025 Patch Tuesday: 5 Exploited Zero-Days and 72 Flaws Addressed

Microsoft’s May 2025 Patch Tuesday has delivered critical security updates addressing 72 vulnerabilities, including five zero-days actively...

Windows 11 KB5058411 and KB5058405 Updates: Security Fixes and Known Issues

CVE News

Windows 11 KB5058411 and KB5058405 Updates: Security Fixes and Known Issues

Microsoft has released cumulative updates KB5058411 and KB5058405 for Windows 11 versions 24H2 and 23H2, addressing security...

Fortinet Patches Critical Zero-Day Exploit in FortiVoice Enterprise Systems

CVE News

Fortinet Patches Critical Zero-Day Exploit in FortiVoice Enterprise Systems

Fortinet has released urgent security updates to address a critical remote code execution (RCE) vulnerability actively exploited...

Ivanti Neurons for ITSM Critical Authentication Bypass: Patch Now to Mitigate Exploitable Flaws

CVE News

Ivanti Neurons for ITSM Critical Authentication Bypass: Patch Now to Mitigate Exploitable Flaws

Ivanti has issued urgent security updates for its Neurons for ITSM IT service management solution, addressing a...

Posts pagination

Previous 1 2 3 4 5 6 … 19 Next

vulnerability

Public Exploit Details Emerge for Critical Cisco IOS XE Vulnerability (CVE-2025-20188)

ConnectWise ScreenConnect Breach: Nation-State Attack Analysis and Mitigation

Apple Safari Fullscreen BitM Attack: Exploitation and Mitigation

PumaBot: A New Go-Based Botnet Targeting IoT Devices via SSH Brute-Forcing

ASUS Router Botnet “AyySSHush” Deploys Persistent SSH Backdoors: Technical Analysis

Prioritizing Exploitable Vulnerabilities: Cutting Through the Noise of CVSS Scores

Malicious NPM Packages Exfiltrate Host and Network Data via Discord Webhooks

FTC Mandates GoDaddy Security Overhaul Following Systemic Data Breaches

Critical Unpatched Vulnerabilities in Versa Concerto Expose Systems to Auth Bypass and RCE

Critical SAMLify SSO Vulnerability Enables Admin Impersonation via Signature Wrapping

Malicious Chrome Extensions Impersonating VPNs and AI Tools Steal User Data

Critical Privilege Escalation Vulnerability in WordPress Motors Theme (CVE-2025-4322)

O2 UK VoLTE/WiFi Calling Flaw Exposes User Location via Call Metadata

Microsoft Resolves Linux Boot Issues Caused by August 2024 Windows Security Updates

Ivanti EPMM Zero-Days Exploited in Chained Remote Code Execution Attacks

Microsoft May 2025 Patch Tuesday: 5 Exploited Zero-Days and 72 Flaws Addressed

Windows 11 KB5058411 and KB5058405 Updates: Security Fixes and Known Issues

Fortinet Patches Critical Zero-Day Exploit in FortiVoice Enterprise Systems

Ivanti Neurons for ITSM Critical Authentication Bypass: Patch Now to Mitigate Exploitable Flaws

You may have missed

Windows 11’s Shift to JScript9Legacy: Security Gains and Compatibility Trade-offs

Nvidia Hits $4 Trillion Market Cap: AI Dominance and Security Implications

PerfektBlue Bluetooth Vulnerabilities Expose Critical Automotive Systems to Remote Attacks

FBI CJIS Security Policy: Technical Breakdown of Password, MFA, and Access Control Requirements