CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries 2026-01-05 at 17:15 By Ionut Arghire With 24 new vulnerabilities known to be exploited by ransomware groups, the list now includes 1,484 software and hardware flaws. The post CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries appeared first on SecurityWeek. This article is […]
CISA KEV Catalog Expanded 20% in 2025, Topping 1,480 Entries Read More »
CISA Warns of Exploited Flaw in Asus Update Tool 2025-12-18 at 15:37 By Ionut Arghire Tracked as CVE-2025-59374, the issue is a software backdoor implanted in Asus Live Update in a supply chain attack. The post CISA Warns of Exploited Flaw in Asus Update Tool appeared first on SecurityWeek. This article is an excerpt from
CISA Warns of Exploited Flaw in Asus Update Tool Read More »
Recent GeoServer Vulnerability Exploited in Attacks 2025-12-12 at 15:31 By Ionut Arghire Because user input is not sufficiently sanitized, attackers could exploit the flaw to define external entities within an XML request. The post Recent GeoServer Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Recent GeoServer Vulnerability Exploited in Attacks Read More »
CISA Warns of ScadaBR Vulnerability After Hacktivist ICS Attack 2025-12-01 at 13:14 By Eduard Kovacs CISA has added CVE-2021-26829 to its Known Exploited Vulnerabilities (KEV) catalog. The post CISA Warns of ScadaBR Vulnerability After Hacktivist ICS Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
CISA Warns of ScadaBR Vulnerability After Hacktivist ICS Attack Read More »
Critical WatchGuard Firebox Vulnerability Exploited in Attacks 2025-11-13 at 14:40 By Ionut Arghire Tracked as CVE-2025-9242 (CVSS score of 9.3), the flaw leads to unauthenticated, remote code execution on vulnerable firewalls. The post Critical WatchGuard Firebox Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Critical WatchGuard Firebox Vulnerability Exploited in Attacks Read More »
CISA Warns of CWP Vulnerability Exploited in the Wild 2025-11-05 at 10:08 By Eduard Kovacs A critical vulnerability in Control Web Panel (CWP), tracked as CVE-2025-48703, allows remote, unauthenticated command execution. The post CISA Warns of CWP Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original
CISA Warns of CWP Vulnerability Exploited in the Wild Read More »
CISA Adds Exploited XWiki, VMware Flaws to KEV Catalog 2025-10-31 at 13:59 By Ionut Arghire Broadcom has updated its advisory on CVE-2025-41244 to mention the vulnerability’s in-the-wild exploitation. The post CISA Adds Exploited XWiki, VMware Flaws to KEV Catalog appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
CISA Adds Exploited XWiki, VMware Flaws to KEV Catalog Read More »
CISA Warns of Exploited DELMIA Factory Software Vulnerabilities 2025-10-29 at 11:41 By Ionut Arghire Two DELMIA Apriso flaws can be chained together to gain privileged access to the application and execute arbitrary code remotely. The post CISA Warns of Exploited DELMIA Factory Software Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek
CISA Warns of Exploited DELMIA Factory Software Vulnerabilities Read More »
CISA Confirms Exploitation of Latest Oracle EBS Vulnerability 2025-10-21 at 11:54 By Eduard Kovacs The cybersecurity agency has added CVE-2025-61884 to its Known Exploited Vulnerabilities (KEV) catalog. The post CISA Confirms Exploitation of Latest Oracle EBS Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
CISA Confirms Exploitation of Latest Oracle EBS Vulnerability Read More »
Organizations Warned of Exploited Adobe AEM Forms Vulnerability 2025-10-16 at 17:45 By Ionut Arghire A public PoC existed when Adobe patched the Experience Manager Forms (AEM Forms) bug in early August. The post Organizations Warned of Exploited Adobe AEM Forms Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Organizations Warned of Exploited Adobe AEM Forms Vulnerability Read More »
Organizations Warned of Exploited Meteobridge Vulnerability 2025-10-03 at 13:49 By Ionut Arghire Patched in mid-May, the security defect allows remote unauthenticated attackers to execute arbitrary commands with root privileges. The post Organizations Warned of Exploited Meteobridge Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Organizations Warned of Exploited Meteobridge Vulnerability Read More »
Organizations Warned of Exploited Git Vulnerability 2025-08-26 at 11:29 By Ionut Arghire CISA urges federal agencies to immediately patch an exploited arbitrary file write vulnerability in Git that leads to remote code execution. The post Organizations Warned of Exploited Git Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Organizations Warned of Exploited Git Vulnerability Read More »
CISA Warns of Attacks Exploiting N-able Vulnerabilities 2025-08-14 at 15:32 By Eduard Kovacs CISA reported becoming aware of attacks exploiting CVE-2025-8875 and CVE-2025-8876 in N-able N-central on the day they were patched. The post CISA Warns of Attacks Exploiting N-able Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
CISA Warns of Attacks Exploiting N-able Vulnerabilities Read More »
Organizations Warned of Exploited PaperCut Flaw 2025-07-29 at 14:52 By Ionut Arghire Threat actors are exploiting a two-year-old vulnerability in PaperCut that allows them to execute arbitrary code remotely. The post Organizations Warned of Exploited PaperCut Flaw appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Organizations Warned of Exploited PaperCut Flaw Read More »
CISA Warns of SysAid Vulnerability Exploitation 2025-07-23 at 12:27 By Eduard Kovacs CISA has added two recent SysAid vulnerabilities, CVE-2025-2776 and CVE-2025-2775, to its KEV catalog. The post CISA Warns of SysAid Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
CISA Warns of SysAid Vulnerability Exploitation Read More »
CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA 2025-07-14 at 17:58 By Ionut Arghire CISA considers the recently disclosed CitrixBleed 2 vulnerability an unacceptable risk and has added it to the KEV catalog. The post CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA Read More »
CISA Warns of Two Exploited TeleMessage Vulnerabilities 2025-07-02 at 12:02 By Ionut Arghire CISA says two more vulnerabilities in the messaging application TeleMessage TM SGNL have been exploited in the wild. The post CISA Warns of Two Exploited TeleMessage Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
CISA Warns of Two Exploited TeleMessage Vulnerabilities Read More »
CISA Warns AMI BMC Vulnerability Exploited in the Wild 2025-06-26 at 13:16 By Ionut Arghire CISA is urging federal agencies to patch a recent AMI BMC vulnerability and a half-a-decade-old bug in FortiOS by July 17. The post CISA Warns AMI BMC Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article is an
CISA Warns AMI BMC Vulnerability Exploited in the Wild Read More »
Linux Security: New Flaws Allow Root Access, CISA Warns of Old Bug Exploitation 2025-06-18 at 15:33 By Eduard Kovacs Qualys has disclosed two Linux vulnerabilities that can be chained for full root access, and CISA added a flaw to its KEV catalog. The post Linux Security: New Flaws Allow Root Access, CISA Warns of Old
Linux Security: New Flaws Allow Root Access, CISA Warns of Old Bug Exploitation Read More »
Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers 2025-06-17 at 14:01 By Ionut Arghire CISA warns that a vulnerability impacting multiple discontinued TP-Link router models is exploited in the wild. The post Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original
Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers Read More »