exploited

Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia

Chrome, exploited, Featured, Firefox, sandbox escape, Vulnerabilities, Zero-Day /

Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia 2025-03-28 at 12:26 By Eduard Kovacs Firefox developers have determined that their browser is affected by a vulnerability similar to the recent Chrome sandbox escape zero-day. The post Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia appeared first on SecurityWeek. This […]

React to this headline:

Loading spinner

Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia Read More »

Critical Next.js Vulnerability in Hacker Crosshairs

exploited, Next.js, Vulnerabilities, vulnerability /

Critical Next.js Vulnerability in Hacker Crosshairs 2025-03-26 at 12:55 By Ionut Arghire Threat actors have started probing servers impacted by a critical-severity vulnerability in the web application development framework Next.js. The post Critical Next.js Vulnerability in Hacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Critical Next.js Vulnerability in Hacker Crosshairs Read More »

Vulnerability Exploitation Possibly Behind Widespread DrayTek Router Reboots

DrayTek, exploited, Network Security, router /

Vulnerability Exploitation Possibly Behind Widespread DrayTek Router Reboots 2025-03-25 at 17:33 By Eduard Kovacs DrayTek routers around the world are rebooting and the vendor’s statement suggests that it may involve the exploitation of a vulnerability. The post Vulnerability Exploitation Possibly Behind Widespread DrayTek Router Reboots appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Vulnerability Exploitation Possibly Behind Widespread DrayTek Router Reboots Read More »

CISA Warns of Exploited Nakivo Vulnerability

CISA KEV, exploited, Nakivo, Vulnerabilities /

CISA Warns of Exploited Nakivo Vulnerability 2025-03-20 at 17:35 By Ionut Arghire CISA has added an absolute path traversal bug in Nakivo Backup and Replication to its Known Exploited Vulnerabilities list. The post CISA Warns of Exploited Nakivo Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

CISA Warns of Exploited Nakivo Vulnerability Read More »

Hackers Target Cisco Smart Licensing Utility Vulnerabilities

Cisco, exploited, Smart Licensing Utility, Vulnerabilities /

Hackers Target Cisco Smart Licensing Utility Vulnerabilities 2025-03-20 at 13:46 By Eduard Kovacs SANS is seeing attempts to exploit two critical Cisco Smart Licensing Utility vulnerabilities tracked as CVE-2024-20439 and CVE-2024-20440. The post Hackers Target Cisco Smart Licensing Utility Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Hackers Target Cisco Smart Licensing Utility Vulnerabilities Read More »

Paragon Spyware Attacks Exploited WhatsApp Zero-Day 

Citizen Lab, exploited, Featured, Graphite, Mobile & Wireless, Paragon, spyware, WhatsApp, Zero-Day /

Paragon Spyware Attacks Exploited WhatsApp Zero-Day  2025-03-20 at 12:03 By Eduard Kovacs Attacks involving Paragon’s Graphite spyware involved a WhatsApp zero-day that could be exploited without any user interaction. The post Paragon Spyware Attacks Exploited WhatsApp Zero-Day  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Paragon Spyware Attacks Exploited WhatsApp Zero-Day  Read More »

ChatGPT Vulnerability Exploited Against US Government Organizations

Artificial Intelligence, ChatGPT, exploited, Featured, Government, SSRF /

ChatGPT Vulnerability Exploited Against US Government Organizations 2025-03-18 at 12:02 By Ionut Arghire A year-old vulnerability in ChatGPT is being exploited against financial entities and US government organizations. The post ChatGPT Vulnerability Exploited Against US Government Organizations appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

ChatGPT Vulnerability Exploited Against US Government Organizations Read More »

Unpatched Edimax Camera Flaw Exploited Since at Least May 2024

botnet, Edimax, exploited, Malware & Threats /

Unpatched Edimax Camera Flaw Exploited Since at Least May 2024 2025-03-13 at 21:08 By Eduard Kovacs A recently disclosed Edimax zero-day vulnerability has been exploited in the wild by Mirai botnets for nearly a year. The post Unpatched Edimax Camera Flaw Exploited Since at Least May 2024 appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Unpatched Edimax Camera Flaw Exploited Since at Least May 2024 Read More »

Grafana Flaws Likely Targeted in Broad SSRF Exploitation Campaign

exploited, Grafana, Malware & Threats /

Grafana Flaws Likely Targeted in Broad SSRF Exploitation Campaign 2025-03-13 at 17:17 By Ionut Arghire Threat actors are likely targeting Grafana path traversal bugs for reconnaissance in a SSRF exploitation campaign targeting popular platforms. The post Grafana Flaws Likely Targeted in Broad SSRF Exploitation Campaign appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Grafana Flaws Likely Targeted in Broad SSRF Exploitation Campaign Read More »

Newly Patched Windows Zero-Day Exploited for Two Years

exploited, Vulnerabilities, Windows, Zero-Day /

Newly Patched Windows Zero-Day Exploited for Two Years 2025-03-12 at 14:18 By Ionut Arghire Microsoft on Tuesday patched a zero-day vulnerability in the Windows Win32 kernel that has been exploited since March 2023. The post Newly Patched Windows Zero-Day Exploited for Two Years appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Newly Patched Windows Zero-Day Exploited for Two Years Read More »

Edimax Says No Patches Coming for Zero-Day Exploited by Botnets

botnet, camera, Edimax, exploited, IoT Security /

Edimax Says No Patches Coming for Zero-Day Exploited by Botnets 2025-03-11 at 14:43 By Eduard Kovacs Edimax is aware that CVE-2025-1316 has been exploited in the wild, but the impacted devices were discontinued over a decade ago. The post Edimax Says No Patches Coming for Zero-Day Exploited by Botnets appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Edimax Says No Patches Coming for Zero-Day Exploited by Botnets Read More »

CISA Warns of Ivanti EPM Vulnerability Exploitation

CISA KEV, exploited, Ivanti, Vulnerabilities /

CISA Warns of Ivanti EPM Vulnerability Exploitation 2025-03-11 at 13:45 By Ionut Arghire CISA has added three critical-severity flaws in Ivanti EPM to its Known Exploited Vulnerabilities catalog. The post CISA Warns of Ivanti EPM Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

CISA Warns of Ivanti EPM Vulnerability Exploitation Read More »

Mass Exploitation of Critical PHP Vulnerability Begins

exploited, Malware & Threats, PHP /

Mass Exploitation of Critical PHP Vulnerability Begins 2025-03-10 at 14:02 By Ionut Arghire GreyNoise warns of mass exploitation of a critical vulnerability in PHP leading to remote code execution on vulnerable servers. The post Mass Exploitation of Critical PHP Vulnerability Begins appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Mass Exploitation of Critical PHP Vulnerability Begins Read More »

Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets

botnet, camera, Edimax, exploited, Featured, IoT Security, Malware & Threats, Mirai, Zero-Day /

Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets 2025-03-07 at 10:31 By Eduard Kovacs Multiple Mirai-based botnets are exploiting CVE-2025-1316, an Edimax IP camera vulnerability that allows remote command execution. The post Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets Read More »

Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks

ESX, exploited, Featured, VMWare, Vulnerabilities, Zero-Day /

Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks 2025-03-06 at 12:03 By Eduard Kovacs Scans show that tens of thousands of VMware ESXi instances are affected by CVE-2025-22224 and other vulnerabilities disclosed recently as zero-days. The post Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks appeared first

React to this headline:

Loading spinner

Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks Read More »

Broadcom Patches 3 VMware Zero-Days Exploited in the Wild

exploited, Featured, VMWare, Vulnerabilities, vulnerability /

Broadcom Patches 3 VMware Zero-Days Exploited in the Wild 2025-03-04 at 14:22 By Eduard Kovacs Broadcom patched VMware zero-days CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226 after Microsoft warned it of exploitation. The post Broadcom Patches 3 VMware Zero-Days Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Broadcom Patches 3 VMware Zero-Days Exploited in the Wild Read More »

Google Patches Pair of Exploited Vulnerabilities in Android

Android, exploited, Mobile & Wireless, Vulnerabilities /

Google Patches Pair of Exploited Vulnerabilities in Android 2025-03-04 at 13:52 By Ionut Arghire Android’s March 2025 security update addresses over 40 vulnerabilities, including two actively exploited in the wild. The post Google Patches Pair of Exploited Vulnerabilities in Android appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Google Patches Pair of Exploited Vulnerabilities in Android Read More »

Exploitation Long Known for Most of CISA’s Latest KEV Additions

CISA KEV, exploited, Vulnerabilities, vulnerability /

Exploitation Long Known for Most of CISA’s Latest KEV Additions 2025-03-04 at 13:02 By Eduard Kovacs Exploitation has been known for months or years for most of the latest vulnerabilities added by CISA to its KEV catalog. The post Exploitation Long Known for Most of CISA’s Latest KEV Additions appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Exploitation Long Known for Most of CISA’s Latest KEV Additions Read More »

Sites of Major Orgs Abused in Spam Campaign Exploiting Virtual Tour Software Flaw

exploited, Krpano, vr, Vulnerabilities, XSS /

Sites of Major Orgs Abused in Spam Campaign Exploiting Virtual Tour Software Flaw 2025-02-27 at 15:22 By Eduard Kovacs The websites of dozens of major private and government organizations have been abused in a massive spam campaign that involves exploitation of a vulnerability affecting widely used virtual tour software. The attacks were observed recently by

React to this headline:

Loading spinner

Sites of Major Orgs Abused in Spam Campaign Exploiting Virtual Tour Software Flaw Read More »

CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability

Agile PLM, CISA KEV, exploited, Oracle, Vulnerabilities /

CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability 2025-02-25 at 13:43 By Eduard Kovacs CISA has added CVE-2024-20953, an Oracle Agile PLM vulnerability patched in January 2024, to its KEV catalog.  The post CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability Read More »

Scroll to Top