exploited

CISA Warns of Attacks Exploiting Craft CMS Vulnerability

CISA KEV, Craft, exploited, Vulnerabilities /

CISA Warns of Attacks Exploiting Craft CMS Vulnerability 2025-02-21 at 13:48 By Eduard Kovacs CISA has added a Craft CMS flaw tracked as CVE-2025-23209 to its Known Exploited Vulnerabilities (KEV) catalog. The post CISA Warns of Attacks Exploiting Craft CMS Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source […]

React to this headline:

Loading spinner

CISA Warns of Attacks Exploiting Craft CMS Vulnerability Read More »

Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls

CISA KEV, exploited, Featured, firewall, Palo Alto Networks, Vulnerabilities /

Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls 2025-02-21 at 13:21 By Eduard Kovacs Palo Alto Networks is warning customers that a second vulnerability patched in February is being exploited in attacks. The post Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls Read More »

Microsoft Patches Exploited Power Pages Vulnerability

exploited, Featured, Microsoft, Power Pages, Vulnerabilities /

Microsoft Patches Exploited Power Pages Vulnerability 2025-02-20 at 12:49 By Eduard Kovacs Microsoft has patched CVE-2025-24989, a Power Pages privilege escalation vulnerability that has been exploited in attacks. The post Microsoft Patches Exploited Power Pages Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Microsoft Patches Exploited Power Pages Vulnerability Read More »

Palo Alto Networks Confirms Exploitation of Firewall Vulnerability

exploited, Featured, firewall, Palo Alto Networks, Vulnerabilities /

Palo Alto Networks Confirms Exploitation of Firewall Vulnerability 2025-02-18 at 13:20 By Eduard Kovacs Palo Alto Networks has confirmed that a recently patched firewall vulnerability tracked as CVE-2025-0108 is being actively exploited. The post Palo Alto Networks Confirms Exploitation of Firewall Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Palo Alto Networks Confirms Exploitation of Firewall Vulnerability Read More »

SonicWall Firewall Vulnerability Exploited After PoC Publication

exploited, firewall, SonicWall, Vulnerabilities, vulnerability /

SonicWall Firewall Vulnerability Exploited After PoC Publication 2025-02-14 at 14:36 By Ionut Arghire The exploitation of a recent SonicWall vulnerability has started shortly after proof-of-concept (PoC) code was published. The post SonicWall Firewall Vulnerability Exploited After PoC Publication appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

SonicWall Firewall Vulnerability Exploited After PoC Publication Read More »

New Windows Zero-Day Exploited by Chinese APT: Security Firm

China, exploited, Mustang Panda, Vulnerabilities, Windows, Zero-Day /

New Windows Zero-Day Exploited by Chinese APT: Security Firm 2025-02-14 at 13:52 By Eduard Kovacs ClearSky Cyber Security says it has seen a new Windows zero-day being exploited by a Chinese APT named Mustang Panda.  The post New Windows Zero-Day Exploited by Chinese APT: Security Firm appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

New Windows Zero-Day Exploited by Chinese APT: Security Firm Read More »

Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure

exploited, firewall, Palo Alto Networks, Vulnerabilities /

Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure 2025-02-14 at 13:24 By Eduard Kovacs Attempts to exploit CVE-2024-0108, an authentication bypass vulnerability in Palo Alto firewalls, started one day after disclosure.  The post Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure Read More »

Exploitation of Old ThinkPHP, OwnCloud Vulnerabilities Surges

exploited, ownCloud, ThinkPHP, Vulnerabilities, vulnerability /

Exploitation of Old ThinkPHP, OwnCloud Vulnerabilities Surges 2025-02-13 at 13:33 By Ionut Arghire Threat actors are increasingly exploiting two old vulnerabilities in ThinkPHP and OwnCloud in their attacks. The post Exploitation of Old ThinkPHP, OwnCloud Vulnerabilities Surges appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Exploitation of Old ThinkPHP, OwnCloud Vulnerabilities Surges Read More »

Trimble Cityworks Customers Warned of Zero-Day Exploitation

CityWorks, exploited, ICS, ICS/OT, Trimble, Zero-Day /

Trimble Cityworks Customers Warned of Zero-Day Exploitation 2025-02-07 at 12:05 By Eduard Kovacs Trimble Cityworks is affected by a zero-day vulnerability that has been exploited in attacks involving the delivery of malware. The post Trimble Cityworks Customers Warned of Zero-Day Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Trimble Cityworks Customers Warned of Zero-Day Exploitation Read More »

Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine

7-Zip, exploited, Malware & Threats, Russia, Ukraine, Zero-Day /

Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine 2025-02-05 at 14:09 By Ionut Arghire Russian threat groups have been observed exploiting a zero-day vulnerability in 7-Zip against Ukrainian entities. The post Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine Read More »

CISA Issues Exploitation Warning for .NET Vulnerability

.NET, CISA KEV, exploited, Vulnerabilities /

CISA Issues Exploitation Warning for .NET Vulnerability 2025-02-05 at 13:06 By Eduard Kovacs CISA has added CVE-2024-29059, a flaw affecting Microsoft .NET, to its Known Exploited Vulnerabilities catalog. The post CISA Issues Exploitation Warning for .NET Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

CISA Issues Exploitation Warning for .NET Vulnerability Read More »

Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days

exploited, unpatched, Vulnerabilities, Zyxel /

Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days 2025-02-05 at 12:01 By Ionut Arghire Multiple Zyxel legacy DSL CPE products are affected by exploited zero-day vulnerabilities that will not be patched. The post Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days Read More »

Exploitation of Over 700 Vulnerabilities Came to Light in 2024

exploited, Vulnerabilities, vulnerability /

Exploitation of Over 700 Vulnerabilities Came to Light in 2024 2025-02-04 at 19:34 By Ionut Arghire The number of vulnerabilities first reported as exploited surged last year amid a decrease in zero-day reports. The post Exploitation of Over 700 Vulnerabilities Came to Light in 2024 appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Exploitation of Over 700 Vulnerabilities Came to Light in 2024 Read More »

Vulnerability Patched in Android Possibly Exploited by Forensic Tools

Android, exploited, Featured, forensic, Mobile & Wireless /

Vulnerability Patched in Android Possibly Exploited by Forensic Tools 2025-02-04 at 13:03 By Ionut Arghire The February 2025 Android patches resolve 46 vulnerabilities, including a Linux kernel bug that has been exploited in the wild. The post Vulnerability Patched in Android Possibly Exploited by Forensic Tools appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Vulnerability Patched in Android Possibly Exploited by Forensic Tools Read More »

Aquabot Botnet Targeting Vulnerable Mitel Phones

Aquabot, botnet, exploited, Malware & Threats, Mirai, Mitel /

Aquabot Botnet Targeting Vulnerable Mitel Phones 2025-01-29 at 14:18 By Ionut Arghire The Mirai-based Aquabot botnet has been targeting a vulnerability in Mitel SIP phones for which a proof-of-concept (PoC) exploit exists. The post Aquabot Botnet Targeting Vulnerable Mitel Phones appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Aquabot Botnet Targeting Vulnerable Mitel Phones Read More »

SimpleHelp Remote Access Software Exploited in Attacks

exploited, Identity & Access, remote access, SimpleHelp, Vulnerabilities /

SimpleHelp Remote Access Software Exploited in Attacks 2025-01-29 at 12:48 By Ionut Arghire Threat actors have been exploiting SimpleHelp remote access software shortly after the disclosure of three vulnerabilities. The post SimpleHelp Remote Access Software Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

SimpleHelp Remote Access Software Exploited in Attacks Read More »

SonicWall Confirms Exploitation of New SMA Zero-Day

exploited, SMA, SonicWall, Vulnerabilities, Zero-Day /

SonicWall Confirms Exploitation of New SMA Zero-Day 2025-01-28 at 13:33 By Eduard Kovacs SonicWall has confirmed that an SMA 1000 zero-day tracked as CVE-2025-23006 has been exploited in the wild. The post SonicWall Confirms Exploitation of New SMA Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

SonicWall Confirms Exploitation of New SMA Zero-Day Read More »

Apple Patches First Exploited iOS Zero-Day of 2025

apple, exploited, Featured, iOS, Mobile & Wireless, Vulnerabilities, Zero-Day /

Apple Patches First Exploited iOS Zero-Day of 2025 2025-01-28 at 13:03 By Ionut Arghire Apple has released fixes for dozens of vulnerabilities in its mobile and desktop products, including an iOS zero-day exploited in attacks. The post Apple Patches First Exploited iOS Zero-Day of 2025 appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Apple Patches First Exploited iOS Zero-Day of 2025 Read More »

Building Automation Protocols Increasingly Targeted in OT Attacks: Report

exploited, ICS, ICS/OT, OT /

Building Automation Protocols Increasingly Targeted in OT Attacks: Report 2025-01-27 at 16:04 By Eduard Kovacs Industrial automation protocols continue to be the most targeted in OT attacks, but building automation systems have been increasingly targeted.  The post Building Automation Protocols Increasingly Targeted in OT Attacks: Report appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Building Automation Protocols Increasingly Targeted in OT Attacks: Report Read More »

CISA Warns of Old jQuery Vulnerability Linked to Chinese APT

CISA KEV, exploited, jQuery, Vulnerabilities /

CISA Warns of Old jQuery Vulnerability Linked to Chinese APT 2025-01-24 at 18:01 By Eduard Kovacs CISA has added the JQuery flaw CVE-2020-11023, previously linked to APT1, to its Known Exploited Vulnerabilities (KEV) catalog.   The post CISA Warns of Old jQuery Vulnerability Linked to Chinese APT appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

CISA Warns of Old jQuery Vulnerability Linked to Chinese APT Read More »

Scroll to Top