exploited

Critical Commvault Vulnerability in Attacker Crosshairs

Commvault, exploited, Vulnerabilities, vulnerability /

Critical Commvault Vulnerability in Attacker Crosshairs 2025-05-05 at 15:32 By Ionut Arghire CISA has flagged a critical-severity Commvault vulnerability as exploited one week after technical details were released. The post Critical Commvault Vulnerability in Attacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Critical Commvault Vulnerability in Attacker Crosshairs Read More »

PoC Published for Exploited SonicWall Vulnerabilities

CISA KEV, exploited, PoC, SonicWall, Vulnerabilities /

PoC Published for Exploited SonicWall Vulnerabilities 2025-05-05 at 13:06 By Ionut Arghire PoC code targeting two exploited SonicWall flaws was published just CISA added them to the KEV catalog. The post PoC Published for Exploited SonicWall Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

PoC Published for Exploited SonicWall Vulnerabilities Read More »

More Details Come to Light on Commvault Vulnerability Exploitation

Commvault, exploited, Vulnerabilities, Zero-Day /

More Details Come to Light on Commvault Vulnerability Exploitation 2025-05-01 at 15:03 By Ionut Arghire Commvault has shared indicators of compromise associated with the exploitation of a vulnerability by state-sponsored hackers. The post More Details Come to Light on Commvault Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

More Details Come to Light on Commvault Vulnerability Exploitation Read More »

SonicWall Flags Two More Vulnerabilities as Exploited

exploited, SonicWall, Vulnerabilities, vulnerability /

SonicWall Flags Two More Vulnerabilities as Exploited 2025-05-01 at 13:01 By Ionut Arghire SonicWall has updated the advisories for two vulnerabilities to warn that they are being exploited in the wild. The post SonicWall Flags Two More Vulnerabilities as Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

SonicWall Flags Two More Vulnerabilities as Exploited Read More »

Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks

exploited, SAP, Vulnerabilities, Zero-Day /

Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks 2025-04-29 at 13:34 By Ionut Arghire More than 400 SAP NetWeaver servers are impacted by CVE-2025-31324, an exploited remote code execution vulnerability. The post Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks Read More »

CISA Warns of Exploited Broadcom, Commvault Vulnerabilities

Broadcom, CISA KEV, Commvault, exploited, Vulnerabilities /

CISA Warns of Exploited Broadcom, Commvault Vulnerabilities 2025-04-29 at 12:02 By Ionut Arghire CISA urges immediate patching for recently disclosed Broadcom, Commvault, and Qualitia vulnerabilities exploited in the wild. The post CISA Warns of Exploited Broadcom, Commvault Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

CISA Warns of Exploited Broadcom, Commvault Vulnerabilities Read More »

Craft CMS Zero-Day Exploited to Compromise Hundreds of Websites

CMS, Craft, exploited, Vulnerabilities, vulnerability, Zero-Day /

Craft CMS Zero-Day Exploited to Compromise Hundreds of Websites 2025-04-28 at 17:32 By Ionut Arghire Threat actors have exploited a zero-day vulnerability in Craft CMS to execute PHP code on hundreds of websites. The post Craft CMS Zero-Day Exploited to Compromise Hundreds of Websites appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Craft CMS Zero-Day Exploited to Compromise Hundreds of Websites Read More »

SAP Zero-Day Possibly Exploited by Initial Access Broker

exploited, Featured, initial access broker, SAP, Vulnerabilities, Zero-Day /

SAP Zero-Day Possibly Exploited by Initial Access Broker 2025-04-25 at 12:38 By Ionut Arghire A zero-day vulnerability in SAP NetWeaver potentially affects more than 10,000 internet-facing applications. The post SAP Zero-Day Possibly Exploited by Initial Access Broker appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

SAP Zero-Day Possibly Exploited by Initial Access Broker Read More »

Fresh Windows NTLM Vulnerability Exploited in Attacks

exploited, Featured, NTLM, Vulnerabilities, Windows /

Fresh Windows NTLM Vulnerability Exploited in Attacks 2025-04-18 at 11:30 By Ionut Arghire A Windows NTLM vulnerability patched in March has been exploited in attacks targeting government and private institutions. The post Fresh Windows NTLM Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Fresh Windows NTLM Vulnerability Exploited in Attacks Read More »

SonicWall Flags Old Vulnerability as Actively Exploited

exploited, Featured, SMA, SonicWall, Vulnerabilities, vulnerability /

SonicWall Flags Old Vulnerability as Actively Exploited 2025-04-17 at 14:05 By Eduard Kovacs A SonicWall SMA 100 series vulnerability patched in 2021, which went unnoticed at the time of patching, is being exploited in the wild. The post SonicWall Flags Old Vulnerability as Actively Exploited appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

SonicWall Flags Old Vulnerability as Actively Exploited Read More »

Vulnerability in OttoKit WordPress Plugin Exploited in the Wild

exploited, Vulnerabilities, WordPress, WordPress plugin /

Vulnerability in OttoKit WordPress Plugin Exploited in the Wild 2025-04-11 at 15:17 By Ionut Arghire A vulnerability in the OttoKit WordPress plugin with over 100,000 active installations has been exploited in the wild. The post Vulnerability in OttoKit WordPress Plugin Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Vulnerability in OttoKit WordPress Plugin Exploited in the Wild Read More »

CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days

CentreStack, CISA KEV, exploited, Gladinet CentreStack, Vulnerabilities /

CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days 2025-04-09 at 14:24 By Ionut Arghire CISA has added fresh CentreStack and Windows CLFS vulnerabilities to the Known Exploited Vulnerabilities catalog. The post CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days Read More »

ESET Vulnerability Exploited for Stealthy Malware Execution

ESET, exploited, ToddyCat, Vulnerabilities, vulnerability /

ESET Vulnerability Exploited for Stealthy Malware Execution 2025-04-08 at 15:32 By Ionut Arghire A sophisticated APT tracked as ToddyCat has exploited an ESET DLL search order hijacking vulnerability for malware delivery. The post ESET Vulnerability Exploited for Stealthy Malware Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

ESET Vulnerability Exploited for Stealthy Malware Execution Read More »

Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk

exploited, Ivanti, Vulnerabilities, vulnerability /

Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk 2025-04-08 at 13:58 By Ionut Arghire More than 5,000 Ivanti Connect Secure appliances are vulnerable to attacks exploiting CVE-2025-22457, which has been used by Chinese hackers. The post Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk Read More »

Android Update Patches Two Exploited Vulnerabilities

Android, Cellebrite, exploited, Featured, Mobile & Wireless, USB /

Android Update Patches Two Exploited Vulnerabilities 2025-04-08 at 13:26 By Ionut Arghire Android’s latest security update resolves two exploited Kernel vulnerabilities, as well as critical-severity bugs. The post Android Update Patches Two Exploited Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Android Update Patches Two Exploited Vulnerabilities Read More »

Threat Actors Setting Up Persistent Access to Hosts Hacked in CrushFTP Attacks

CrushFTP, CVE-2025-31161, exploited, Malware & Threats /

Threat Actors Setting Up Persistent Access to Hosts Hacked in CrushFTP Attacks 2025-04-08 at 12:06 By Eduard Kovacs Huntress has shared details on the post-exploitation activities of threat actors targeting the recent CrushFTP vulnerability. The post Threat Actors Setting Up Persistent Access to Hosts Hacked in CrushFTP Attacks appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Threat Actors Setting Up Persistent Access to Hosts Hacked in CrushFTP Attacks Read More »

Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability 

CrushFTP, CVE, exploited, Featured, Vulnerabilities /

Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability  2025-04-03 at 13:31 By Eduard Kovacs Two CVEs now exist for an actively exploited CrushFTP vulnerability and much of the security industry is using the ‘wrong one’. The post Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability  appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability  Read More »

Questions Remain Over Attacks Causing DrayTek Router Reboots

DrayTek, exploited, Network Security, router /

Questions Remain Over Attacks Causing DrayTek Router Reboots 2025-04-02 at 13:33 By Eduard Kovacs DrayTek has shared some clarifications regarding the recent attacks causing router reboots, but some questions remain unanswered.  The post Questions Remain Over Attacks Causing DrayTek Router Reboots appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Questions Remain Over Attacks Causing DrayTek Router Reboots Read More »

CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability

CrushFTP, exploited, Vulnerabilities, vulnerability /

CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability 2025-04-01 at 14:21 By Eduard Kovacs Shadowserver has started seeing exploitation attempts aimed at a CrushFTP vulnerability tracked as CVE-2025-2825 and CVE-2025-31161. The post CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability Read More »

Apple Patches Recent Zero-Days in Older iPhones

apple, exploited, iOS, macOS, patch, Vulnerabilities, Zero-Day /

Apple Patches Recent Zero-Days in Older iPhones 2025-04-01 at 13:39 By Ionut Arghire Apple has released a hefty round of security updates for its desktop and mobile products, patching two recent zero-days in older iPhone models. The post Apple Patches Recent Zero-Days in Older iPhones appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Apple Patches Recent Zero-Days in Older iPhones Read More »

Scroll to Top