exploited

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named

China APT, exploited, Government, Malware & Threats, Microsoft, SharePoint, ToolShell, vulnerability /

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named 2025-07-24 at 12:35 By Eduard Kovacs More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors. The post ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named appeared first on SecurityWeek. This article is an excerpt from SecurityWeek […]

React to this headline:

Loading spinner

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named Read More »

Hackers Start Exploiting Critical Cisco ISE Vulnerabilities

Cisco, Cisco ISE, exploited, Vulnerabilities, vulnerability /

Hackers Start Exploiting Critical Cisco ISE Vulnerabilities 2025-07-23 at 12:27 By Ionut Arghire Cisco says it is aware of attempted exploitation of critical ISE vulnerabilities leading to unauthenticated remote code execution. The post Hackers Start Exploiting Critical Cisco ISE Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Hackers Start Exploiting Critical Cisco ISE Vulnerabilities Read More »

CISA Warns of SysAid Vulnerability Exploitation

CISA KEV, exploited, SysAid, Vulnerabilities /

CISA Warns of SysAid Vulnerability Exploitation 2025-07-23 at 12:27 By Eduard Kovacs CISA has added two recent SysAid vulnerabilities, CVE-2025-2776 and CVE-2025-2775, to its KEV catalog. The post CISA Warns of SysAid Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

CISA Warns of SysAid Vulnerability Exploitation Read More »

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch

China APT, exploited, Malware & Threats, Microsoft, SharePoint, ToolShell, Zero-Day /

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch 2025-07-22 at 20:47 By Eduard Kovacs Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell zero-days. The post Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch Read More »

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets

China, China APT, exploited, Featured, Malware & Threats, SharePoint, ToolShell, Vulnerabilities, Zero-Day /

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets 2025-07-22 at 11:44 By Eduard Kovacs More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the vulnerabilities. The post ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets appeared first on SecurityWeek.

React to this headline:

Loading spinner

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets Read More »

Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers

exploited, SharePoint, ToolShell, Vulnerabilities, Zero-Day /

Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers 2025-07-21 at 12:50 By Eduard Kovacs Microsoft has started releasing updates to fix the exploited SharePoint zero-days tracked as CVE-2025-53770 and CVE-2025-53771. The post Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers Read More »

Exploited CrushFTP Zero-Day Provides Admin Access to Servers

CrushFTP, exploited, Vulnerabilities, Zero-Day /

Exploited CrushFTP Zero-Day Provides Admin Access to Servers 2025-07-21 at 10:46 By Ionut Arghire Hackers are exploiting a zero-day vulnerability in CrushFTP to gain administrative privileges on vulnerable servers via HTTPS. The post Exploited CrushFTP Zero-Day Provides Admin Access to Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Exploited CrushFTP Zero-Day Provides Admin Access to Servers Read More »

Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication

exploited, Fortinet, FortiWeb, Vulnerabilities /

Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication 2025-07-18 at 14:45 By Ionut Arghire Dozens of FortiWeb instances have been hacked after PoC targeting a recent critical vulnerability was shared publicly. The post Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication Read More »

CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable

Citrix, CitrixBleed 2, CitrixBleed2, exploited, Vulnerabilities /

CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable 2025-07-18 at 13:18 By Ionut Arghire The CitrixBleed 2 vulnerability in NetScaler may expose organizations to compromise even if patches have been applied. The post CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable Read More »

Chrome Update Patches Fifth Zero-Day of 2025

Chrome, exploited, Vulnerabilities, Zero-Day /

Chrome Update Patches Fifth Zero-Day of 2025 2025-07-16 at 10:01 By Ionut Arghire Google has released a Chrome 138 security update that patches a zero-day, the fifth resolved in the browser this year. The post Chrome Update Patches Fifth Zero-Day of 2025 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Chrome Update Patches Fifth Zero-Day of 2025 Read More »

CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA

CISA KEV, Citrix, CitrixBleed 2, CitrixBleed2, exploited, Vulnerabilities /

CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA 2025-07-14 at 17:58 By Ionut Arghire CISA considers the recently disclosed CitrixBleed 2 vulnerability an unacceptable risk and has added it to the KEV catalog. The post CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA Read More »

Critical Wing FTP Server Vulnerability Exploited

exploited, Vulnerabilities, vulnerability, Wing FTP server /

Critical Wing FTP Server Vulnerability Exploited 2025-07-11 at 12:32 By Ionut Arghire Wing FTP Server vulnerability CVE-2025-47812 can be exploited for arbitrary command execution with root or system privileges. The post Critical Wing FTP Server Vulnerability Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Critical Wing FTP Server Vulnerability Exploited Read More »

CISA Warns of Two Exploited TeleMessage Vulnerabilities 

CISA KEV, exploited, TeleMessage, Vulnerabilities /

CISA Warns of Two Exploited TeleMessage Vulnerabilities  2025-07-02 at 12:02 By Ionut Arghire CISA says two more vulnerabilities in the messaging application TeleMessage TM SGNL have been exploited in the wild. The post CISA Warns of Two Exploited TeleMessage Vulnerabilities  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

CISA Warns of Two Exploited TeleMessage Vulnerabilities  Read More »

Thousands of Citrix NetScaler Instances Unpatched Against Exploited Vulnerabilities

Citrix, CitrixBleed 2, exploited, Vulnerabilities /

Thousands of Citrix NetScaler Instances Unpatched Against Exploited Vulnerabilities 2025-07-01 at 13:03 By Ionut Arghire Many Citrix NetScaler systems are exposed to attacks exploiting the vulnerabilities tracked as CVE-2025-5777 and CVE-2025-6543. The post Thousands of Citrix NetScaler Instances Unpatched Against Exploited Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Thousands of Citrix NetScaler Instances Unpatched Against Exploited Vulnerabilities Read More »

Chrome 138 Update Patches Zero-Day Vulnerability

Chrome, exploited, Vulnerabilities, Zero-Day /

Chrome 138 Update Patches Zero-Day Vulnerability 2025-07-01 at 10:02 By Ionut Arghire Google has released a Chrome 138 update that patches a high-severity vulnerability with an exploit in the wild. The post Chrome 138 Update Patches Zero-Day Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Chrome 138 Update Patches Zero-Day Vulnerability Read More »

Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability

Citrix, CitrixBleed 2, exploited, Featured, NetScaler, Vulnerabilities /

Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability 2025-06-27 at 12:13 By Eduard Kovacs The Citrix NetScaler vulnerability tracked as CitrixBleed 2 and CVE-2025–5777 may be exploited in the wild for initial access. The post Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability Read More »

CISA Warns AMI BMC Vulnerability Exploited in the Wild

AMI, BMC, CISA KEV, exploited, Vulnerabilities /

CISA Warns AMI BMC Vulnerability Exploited in the Wild 2025-06-26 at 13:16 By Ionut Arghire CISA is urging federal agencies to patch a recent AMI BMC vulnerability and a half-a-decade-old bug in FortiOS by July 17. The post CISA Warns AMI BMC Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

CISA Warns AMI BMC Vulnerability Exploited in the Wild Read More »

Critical Citrix NetScaler Flaw Exploited as Zero-Day

Citrix, exploited, NetScaler, Vulnerabilities, Zero-Day /

Critical Citrix NetScaler Flaw Exploited as Zero-Day 2025-06-26 at 10:17 By Ionut Arghire Citrix has released patches for a critical vulnerability in NetScaler ADC and NetScaler Gateway exploited as a zero-day. The post Critical Citrix NetScaler Flaw Exploited as Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Critical Citrix NetScaler Flaw Exploited as Zero-Day Read More »

Motors Theme Vulnerability Exploited to Hack WordPress Websites

exploited, Vulnerabilities, vulnerability, WordPress /

Motors Theme Vulnerability Exploited to Hack WordPress Websites 2025-06-20 at 14:22 By Ionut Arghire Threat actors are exploiting a critical-severity vulnerability in Motors theme for WordPress to change arbitrary user passwords. The post Motors Theme Vulnerability Exploited to Hack WordPress Websites appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Motors Theme Vulnerability Exploited to Hack WordPress Websites Read More »

FreeType Zero-Day Found by Meta Exploited in Paragon Spyware Attacks

exploited, Featured, FreeType, Paragon, spyware, Vulnerabilities, WhatsApp, Zero-Day /

FreeType Zero-Day Found by Meta Exploited in Paragon Spyware Attacks 2025-06-20 at 13:25 By Eduard Kovacs WhatsApp told SecurityWeek that it linked the exploited FreeType vulnerability CVE-2025-27363 to a Paragon exploit. The post FreeType Zero-Day Found by Meta Exploited in Paragon Spyware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

FreeType Zero-Day Found by Meta Exploited in Paragon Spyware Attacks Read More »

Scroll to Top