exploited

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets

China, China APT, exploited, Featured, Malware & Threats, SharePoint, ToolShell, Vulnerabilities, Zero-Day /

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets 2025-07-22 at 11:44 By Eduard Kovacs More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the vulnerabilities. The post ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets appeared first on SecurityWeek. […]

React to this headline:

Loading spinner

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets Read More »

Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers

exploited, SharePoint, ToolShell, Vulnerabilities, Zero-Day /

Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers 2025-07-21 at 12:50 By Eduard Kovacs Microsoft has started releasing updates to fix the exploited SharePoint zero-days tracked as CVE-2025-53770 and CVE-2025-53771. The post Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers Read More »

Exploited CrushFTP Zero-Day Provides Admin Access to Servers

CrushFTP, exploited, Vulnerabilities, Zero-Day /

Exploited CrushFTP Zero-Day Provides Admin Access to Servers 2025-07-21 at 10:46 By Ionut Arghire Hackers are exploiting a zero-day vulnerability in CrushFTP to gain administrative privileges on vulnerable servers via HTTPS. The post Exploited CrushFTP Zero-Day Provides Admin Access to Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Exploited CrushFTP Zero-Day Provides Admin Access to Servers Read More »

Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication

exploited, Fortinet, FortiWeb, Vulnerabilities /

Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication 2025-07-18 at 14:45 By Ionut Arghire Dozens of FortiWeb instances have been hacked after PoC targeting a recent critical vulnerability was shared publicly. The post Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication Read More »

CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable

Citrix, CitrixBleed 2, CitrixBleed2, exploited, Vulnerabilities /

CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable 2025-07-18 at 13:18 By Ionut Arghire The CitrixBleed 2 vulnerability in NetScaler may expose organizations to compromise even if patches have been applied. The post CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable Read More »

Chrome Update Patches Fifth Zero-Day of 2025

Chrome, exploited, Vulnerabilities, Zero-Day /

Chrome Update Patches Fifth Zero-Day of 2025 2025-07-16 at 10:01 By Ionut Arghire Google has released a Chrome 138 security update that patches a zero-day, the fifth resolved in the browser this year. The post Chrome Update Patches Fifth Zero-Day of 2025 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Chrome Update Patches Fifth Zero-Day of 2025 Read More »

CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA

CISA KEV, Citrix, CitrixBleed 2, CitrixBleed2, exploited, Vulnerabilities /

CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA 2025-07-14 at 17:58 By Ionut Arghire CISA considers the recently disclosed CitrixBleed 2 vulnerability an unacceptable risk and has added it to the KEV catalog. The post CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA Read More »

Critical Wing FTP Server Vulnerability Exploited

exploited, Vulnerabilities, vulnerability, Wing FTP server /

Critical Wing FTP Server Vulnerability Exploited 2025-07-11 at 12:32 By Ionut Arghire Wing FTP Server vulnerability CVE-2025-47812 can be exploited for arbitrary command execution with root or system privileges. The post Critical Wing FTP Server Vulnerability Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Critical Wing FTP Server Vulnerability Exploited Read More »

CISA Warns of Two Exploited TeleMessage Vulnerabilities 

CISA KEV, exploited, TeleMessage, Vulnerabilities /

CISA Warns of Two Exploited TeleMessage Vulnerabilities  2025-07-02 at 12:02 By Ionut Arghire CISA says two more vulnerabilities in the messaging application TeleMessage TM SGNL have been exploited in the wild. The post CISA Warns of Two Exploited TeleMessage Vulnerabilities  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

CISA Warns of Two Exploited TeleMessage Vulnerabilities  Read More »

Thousands of Citrix NetScaler Instances Unpatched Against Exploited Vulnerabilities

Citrix, CitrixBleed 2, exploited, Vulnerabilities /

Thousands of Citrix NetScaler Instances Unpatched Against Exploited Vulnerabilities 2025-07-01 at 13:03 By Ionut Arghire Many Citrix NetScaler systems are exposed to attacks exploiting the vulnerabilities tracked as CVE-2025-5777 and CVE-2025-6543. The post Thousands of Citrix NetScaler Instances Unpatched Against Exploited Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Thousands of Citrix NetScaler Instances Unpatched Against Exploited Vulnerabilities Read More »

Chrome 138 Update Patches Zero-Day Vulnerability

Chrome, exploited, Vulnerabilities, Zero-Day /

Chrome 138 Update Patches Zero-Day Vulnerability 2025-07-01 at 10:02 By Ionut Arghire Google has released a Chrome 138 update that patches a high-severity vulnerability with an exploit in the wild. The post Chrome 138 Update Patches Zero-Day Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Chrome 138 Update Patches Zero-Day Vulnerability Read More »

Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability

Citrix, CitrixBleed 2, exploited, Featured, NetScaler, Vulnerabilities /

Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability 2025-06-27 at 12:13 By Eduard Kovacs The Citrix NetScaler vulnerability tracked as CitrixBleed 2 and CVE-2025–5777 may be exploited in the wild for initial access. The post Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability Read More »

CISA Warns AMI BMC Vulnerability Exploited in the Wild

AMI, BMC, CISA KEV, exploited, Vulnerabilities /

CISA Warns AMI BMC Vulnerability Exploited in the Wild 2025-06-26 at 13:16 By Ionut Arghire CISA is urging federal agencies to patch a recent AMI BMC vulnerability and a half-a-decade-old bug in FortiOS by July 17. The post CISA Warns AMI BMC Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

CISA Warns AMI BMC Vulnerability Exploited in the Wild Read More »

Critical Citrix NetScaler Flaw Exploited as Zero-Day

Citrix, exploited, NetScaler, Vulnerabilities, Zero-Day /

Critical Citrix NetScaler Flaw Exploited as Zero-Day 2025-06-26 at 10:17 By Ionut Arghire Citrix has released patches for a critical vulnerability in NetScaler ADC and NetScaler Gateway exploited as a zero-day. The post Critical Citrix NetScaler Flaw Exploited as Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Critical Citrix NetScaler Flaw Exploited as Zero-Day Read More »

Motors Theme Vulnerability Exploited to Hack WordPress Websites

exploited, Vulnerabilities, vulnerability, WordPress /

Motors Theme Vulnerability Exploited to Hack WordPress Websites 2025-06-20 at 14:22 By Ionut Arghire Threat actors are exploiting a critical-severity vulnerability in Motors theme for WordPress to change arbitrary user passwords. The post Motors Theme Vulnerability Exploited to Hack WordPress Websites appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Motors Theme Vulnerability Exploited to Hack WordPress Websites Read More »

FreeType Zero-Day Found by Meta Exploited in Paragon Spyware Attacks

exploited, Featured, FreeType, Paragon, spyware, Vulnerabilities, WhatsApp, Zero-Day /

FreeType Zero-Day Found by Meta Exploited in Paragon Spyware Attacks 2025-06-20 at 13:25 By Eduard Kovacs WhatsApp told SecurityWeek that it linked the exploited FreeType vulnerability CVE-2025-27363 to a Paragon exploit. The post FreeType Zero-Day Found by Meta Exploited in Paragon Spyware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

FreeType Zero-Day Found by Meta Exploited in Paragon Spyware Attacks Read More »

Linux Security: New Flaws Allow Root Access, CISA Warns of Old Bug Exploitation

CISA KEV, exploited, kernel, Linux, Vulnerabilities, vulnerability /

Linux Security: New Flaws Allow Root Access, CISA Warns of Old Bug Exploitation 2025-06-18 at 15:33 By Eduard Kovacs Qualys has disclosed two Linux vulnerabilities that can be chained for full root access, and CISA added a flaw to its KEV catalog. The post Linux Security: New Flaws Allow Root Access, CISA Warns of Old

React to this headline:

Loading spinner

Linux Security: New Flaws Allow Root Access, CISA Warns of Old Bug Exploitation Read More »

Chrome 137 Update Patches High-Severity Vulnerabilities

Chrome, exploited, Russia, Vulnerabilities, vulnerability /

Chrome 137 Update Patches High-Severity Vulnerabilities 2025-06-18 at 12:52 By Ionut Arghire Google has released a Chrome 137 update to resolve two memory bugs in the browser’s V8 and Profiler components. The post Chrome 137 Update Patches High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Chrome 137 Update Patches High-Severity Vulnerabilities Read More »

Zyxel Firewall Vulnerability Again in Attacker Crosshairs

exploited, firewall, Vulnerabilities, Zyxel /

Zyxel Firewall Vulnerability Again in Attacker Crosshairs 2025-06-17 at 16:33 By Ionut Arghire GreyNoise warns of a spike in exploitation attempts targeting a two-year-old vulnerability in Zyxel firewalls. The post Zyxel Firewall Vulnerability Again in Attacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Zyxel Firewall Vulnerability Again in Attacker Crosshairs Read More »

Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers

CISA KEV, exploited, router, TP-LINK, Vulnerabilities, vulnerability /

Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers 2025-06-17 at 14:01 By Ionut Arghire CISA warns that a vulnerability impacting multiple discontinued TP-Link router models is exploited in the wild. The post Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers Read More »

Scroll to Top