exploited

Russian APT Exploiting 7-Year-Old Cisco Vulnerability: FBI

Russian APT Exploiting 7-Year-Old Cisco Vulnerability: FBI 2025-08-21 at 14:16 By Ionut Arghire Russian state-sponsored hackers tracked as Static Tundra continue to target Cisco devices affected by CVE-2018-0171. The post Russian APT Exploiting 7-Year-Old Cisco Vulnerability: FBI appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Russian APT Exploiting 7-Year-Old Cisco Vulnerability: FBI Read More »

New Exploit Poses Threat to SAP NetWeaver Instances

New Exploit Poses Threat to SAP NetWeaver Instances 2025-08-19 at 15:59 By Ionut Arghire A new public exploit chains two critical flaws in SAP NetWeaver, exposing unpatched instances to code execution attacks. The post New Exploit Poses Threat to SAP NetWeaver Instances appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

New Exploit Poses Threat to SAP NetWeaver Instances Read More »

Hundreds of N-able N-central Instances Affected by Exploited Vulnerabilities

Hundreds of N-able N-central Instances Affected by Exploited Vulnerabilities 2025-08-18 at 15:25 By Ionut Arghire More than 870 N-able N-central instances have not been patched against CVE-2025-8875 and CVE-2025-8876, two exploited vulnerabilities. The post Hundreds of N-able N-central Instances Affected by Exploited Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Hundreds of N-able N-central Instances Affected by Exploited Vulnerabilities Read More »

CISA Warns of Attacks Exploiting N-able Vulnerabilities

CISA Warns of Attacks Exploiting N-able Vulnerabilities 2025-08-14 at 15:32 By Eduard Kovacs CISA reported becoming aware of attacks exploiting CVE-2025-8875 and CVE-2025-8876 in N-able N-central on the day they were patched. The post CISA Warns of Attacks Exploiting N-able Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

CISA Warns of Attacks Exploiting N-able Vulnerabilities Read More »

OT Networks Targeted in Widespread Exploitation of Erlang/OTP Vulnerability

OT Networks Targeted in Widespread Exploitation of Erlang/OTP Vulnerability 2025-08-12 at 12:08 By Eduard Kovacs The recently patched Erlang/OTP flaw CVE-2025-32433 has been exploited since early May, shortly after its existence came to light. The post OT Networks Targeted in Widespread Exploitation of Erlang/OTP Vulnerability appeared first on SecurityWeek. This article is an excerpt from

OT Networks Targeted in Widespread Exploitation of Erlang/OTP Vulnerability Read More »

Russian Hackers Exploited WinRAR Zero-Day in Attacks on Europe, Canada

Russian Hackers Exploited WinRAR Zero-Day in Attacks on Europe, Canada 2025-08-11 at 12:55 By Eduard Kovacs WinRAR has patched CVE-2025-8088, a zero-day exploited by Russia’s RomCom in attacks on financial, defense, manufacturing and logistics companies. The post Russian Hackers Exploited WinRAR Zero-Day in Attacks on Europe, Canada appeared first on SecurityWeek. This article is an

Russian Hackers Exploited WinRAR Zero-Day in Attacks on Europe, Canada Read More »

SonicWall Says Recent Attacks Don’t Involve Zero-Day Vulnerability

SonicWall Says Recent Attacks Don’t Involve Zero-Day Vulnerability 2025-08-07 at 20:23 By Eduard Kovacs SonicWall has been investigating reports about a zero-day potentially being exploited in ransomware attacks, but found no evidence of a new vulnerability.  The post SonicWall Says Recent Attacks Don’t Involve Zero-Day Vulnerability appeared first on SecurityWeek. This article is an excerpt

SonicWall Says Recent Attacks Don’t Involve Zero-Day Vulnerability Read More »

Trend Micro Patches Apex One Vulnerabilities Exploited in Wild

Trend Micro Patches Apex One Vulnerabilities Exploited in Wild 2025-08-06 at 18:08 By Eduard Kovacs Trend Micro has rushed to fix two Apex One zero-days that may have been exploited by Chinese threat actors. The post Trend Micro Patches Apex One Vulnerabilities Exploited in Wild appeared first on SecurityWeek. This article is an excerpt from

Trend Micro Patches Apex One Vulnerabilities Exploited in Wild Read More »

Android’s August 2025 Update Patches Exploited Qualcomm Vulnerability

Android’s August 2025 Update Patches Exploited Qualcomm Vulnerability 2025-08-05 at 13:16 By Ionut Arghire Android’s light August 2025 security update resolves an Adreno GPU vulnerability confirmed as exploited in June. The post Android’s August 2025 Update Patches Exploited Qualcomm Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Android’s August 2025 Update Patches Exploited Qualcomm Vulnerability Read More »

Apple Patches Safari Vulnerability Flagged as Exploited Against Chrome

Apple Patches Safari Vulnerability Flagged as Exploited Against Chrome 2025-07-30 at 11:54 By Ionut Arghire Tracked as CVE-2025-6558, the flaw was found in Chrome’s ANGLE and GPU components and was flagged as exploited by Google TAG. The post Apple Patches Safari Vulnerability Flagged as Exploited Against Chrome appeared first on SecurityWeek. This article is an

Apple Patches Safari Vulnerability Flagged as Exploited Against Chrome Read More »

Organizations Warned of Exploited PaperCut Flaw

Organizations Warned of Exploited PaperCut Flaw 2025-07-29 at 14:52 By Ionut Arghire Threat actors are exploiting a two-year-old vulnerability in PaperCut that allows them to execute arbitrary code remotely. The post Organizations Warned of Exploited PaperCut Flaw appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Organizations Warned of Exploited PaperCut Flaw Read More »

Flaw Allowing Website Takeover Found in WordPress Plugin With 400k Installations

Flaw Allowing Website Takeover Found in WordPress Plugin With 400k Installations 2025-07-28 at 11:33 By Eduard Kovacs The Post SMTP email delivery WordPress plugin is affected by a critical vulnerability and half of websites using it remain unpatched. The post Flaw Allowing Website Takeover Found in WordPress Plugin With 400k Installations appeared first on SecurityWeek.

Flaw Allowing Website Takeover Found in WordPress Plugin With 400k Installations Read More »

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named 2025-07-24 at 12:35 By Eduard Kovacs More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors. The post ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named Read More »

Hackers Start Exploiting Critical Cisco ISE Vulnerabilities

Hackers Start Exploiting Critical Cisco ISE Vulnerabilities 2025-07-23 at 12:27 By Ionut Arghire Cisco says it is aware of attempted exploitation of critical ISE vulnerabilities leading to unauthenticated remote code execution. The post Hackers Start Exploiting Critical Cisco ISE Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Hackers Start Exploiting Critical Cisco ISE Vulnerabilities Read More »

CISA Warns of SysAid Vulnerability Exploitation

CISA Warns of SysAid Vulnerability Exploitation 2025-07-23 at 12:27 By Eduard Kovacs CISA has added two recent SysAid vulnerabilities, CVE-2025-2776 and CVE-2025-2775, to its KEV catalog. The post CISA Warns of SysAid Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

CISA Warns of SysAid Vulnerability Exploitation Read More »

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch 2025-07-22 at 20:47 By Eduard Kovacs Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell zero-days. The post Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch appeared first on SecurityWeek. This article is an excerpt

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch Read More »

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets 2025-07-22 at 11:44 By Eduard Kovacs More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the vulnerabilities. The post ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets appeared first on SecurityWeek.

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets Read More »

Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers

Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers 2025-07-21 at 12:50 By Eduard Kovacs Microsoft has started releasing updates to fix the exploited SharePoint zero-days tracked as CVE-2025-53770 and CVE-2025-53771. The post Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers Read More »

Exploited CrushFTP Zero-Day Provides Admin Access to Servers

Exploited CrushFTP Zero-Day Provides Admin Access to Servers 2025-07-21 at 10:46 By Ionut Arghire Hackers are exploiting a zero-day vulnerability in CrushFTP to gain administrative privileges on vulnerable servers via HTTPS. The post Exploited CrushFTP Zero-Day Provides Admin Access to Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Exploited CrushFTP Zero-Day Provides Admin Access to Servers Read More »

Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication

Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication 2025-07-18 at 14:45 By Ionut Arghire Dozens of FortiWeb instances have been hacked after PoC targeting a recent critical vulnerability was shared publicly. The post Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication appeared first on SecurityWeek. This article is an excerpt from

Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication Read More »

Scroll to Top