exploited

SonicWall Confirms Exploitation of New SMA Zero-Day

exploited, SMA, SonicWall, Vulnerabilities, Zero-Day /

SonicWall Confirms Exploitation of New SMA Zero-Day 2025-01-28 at 13:33 By Eduard Kovacs SonicWall has confirmed that an SMA 1000 zero-day tracked as CVE-2025-23006 has been exploited in the wild. The post SonicWall Confirms Exploitation of New SMA Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to […]

React to this headline:

Loading spinner

SonicWall Confirms Exploitation of New SMA Zero-Day Read More »

Apple Patches First Exploited iOS Zero-Day of 2025

apple, exploited, Featured, iOS, Mobile & Wireless, Vulnerabilities, Zero-Day /

Apple Patches First Exploited iOS Zero-Day of 2025 2025-01-28 at 13:03 By Ionut Arghire Apple has released fixes for dozens of vulnerabilities in its mobile and desktop products, including an iOS zero-day exploited in attacks. The post Apple Patches First Exploited iOS Zero-Day of 2025 appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Apple Patches First Exploited iOS Zero-Day of 2025 Read More »

Building Automation Protocols Increasingly Targeted in OT Attacks: Report

exploited, ICS, ICS/OT, OT /

Building Automation Protocols Increasingly Targeted in OT Attacks: Report 2025-01-27 at 16:04 By Eduard Kovacs Industrial automation protocols continue to be the most targeted in OT attacks, but building automation systems have been increasingly targeted.  The post Building Automation Protocols Increasingly Targeted in OT Attacks: Report appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Building Automation Protocols Increasingly Targeted in OT Attacks: Report Read More »

CISA Warns of Old jQuery Vulnerability Linked to Chinese APT

CISA KEV, exploited, jQuery, Vulnerabilities /

CISA Warns of Old jQuery Vulnerability Linked to Chinese APT 2025-01-24 at 18:01 By Eduard Kovacs CISA has added the JQuery flaw CVE-2020-11023, previously linked to APT1, to its Known Exploited Vulnerabilities (KEV) catalog.   The post CISA Warns of Old jQuery Vulnerability Linked to Chinese APT appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

CISA Warns of Old jQuery Vulnerability Linked to Chinese APT Read More »

Critical Zimbra Vulnerability Exploited One Day After PoC Release

Email, email security, exploited, Vulnerabilities, Zimbra /

Critical Zimbra Vulnerability Exploited One Day After PoC Release 2024-10-02 at 13:31 By Ionut Arghire A critical-severity vulnerability in Zimbra has been exploited in the wild to deploy a web shell on vulnerable servers. The post Critical Zimbra Vulnerability Exploited One Day After PoC Release appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Critical Zimbra Vulnerability Exploited One Day After PoC Release Read More »

Organizations Warned of Exploited SAP, Gpac and D-Link Vulnerabilities

CISA KEV, exploited, Vulnerabilities /

Organizations Warned of Exploited SAP, Gpac and D-Link Vulnerabilities 2024-10-01 at 16:01 By Ionut Arghire CISA warns that years-old vulnerabilities in SAP Commerce, Gpac framework, and D-Link DIR-820 routers are exploited in the wild. The post Organizations Warned of Exploited SAP, Gpac and D-Link Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Organizations Warned of Exploited SAP, Gpac and D-Link Vulnerabilities Read More »

Third Recent Ivanti Vulnerability Exploited in the Wild

exploited, Ivanti, Vulnerabilities /

Third Recent Ivanti Vulnerability Exploited in the Wild 2024-09-25 at 14:17 By Eduard Kovacs CVE-2024-7593 is the third Ivanti product vulnerability patched in recent months that has been exploited in the wild. The post Third Recent Ivanti Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Third Recent Ivanti Vulnerability Exploited in the Wild Read More »

Ivanti Warns of Second CSA Vulnerability Exploited in Attacks

exploited, Featured, Ivanti, Vulnerabilities /

Ivanti Warns of Second CSA Vulnerability Exploited in Attacks 2024-09-20 at 11:46 By Eduard Kovacs In addition to the Ivanti CSA flaw CVE-2024-8190, another vulnerability affecting the same product, tracked as CVE-2024-8963, has been exploited. The post Ivanti Warns of Second CSA Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Ivanti Warns of Second CSA Vulnerability Exploited in Attacks Read More »

Recent WhatsUp Gold Vulnerabilities Possibly Exploited in Ransomware Attacks

exploited, Featured, Ransomware, Vulnerabilities, WhatsUp Gold /

Recent WhatsUp Gold Vulnerabilities Possibly Exploited in Ransomware Attacks 2024-09-17 at 13:01 By Eduard Kovacs Two recently patched Progress Software WhatsUp Gold vulnerabilities may have been exploited in the wild, possibly in ransomware attacks. The post Recent WhatsUp Gold Vulnerabilities Possibly Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Recent WhatsUp Gold Vulnerabilities Possibly Exploited in Ransomware Attacks Read More »

Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day

exploited, Vulnerabilities, Windows, Zero-Day /

Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day 2024-09-16 at 14:46 By Ionut Arghire Microsoft warns that a recently patched Windows vulnerability was exploited in the wild as a zero-day prior to July 2024. The post Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day Read More »

Ivanti CSA Vulnerability Exploited in Attacks Days After DIsclosure

exploited, Ivanti, Vulnerabilities /

Ivanti CSA Vulnerability Exploited in Attacks Days After DIsclosure 2024-09-16 at 12:31 By Eduard Kovacs The Ivanti Cloud Service Appliance vulnerability CVE-2024-8190 has been exploited in the wild, with attacks starting just days after disclosure. The post Ivanti CSA Vulnerability Exploited in Attacks Days After DIsclosure appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Ivanti CSA Vulnerability Exploited in Attacks Days After DIsclosure Read More »

Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks

exploited, Malware & Threats, SonicWall /

Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks 2024-09-09 at 14:31 By Eduard Kovacs A recently patched SonicWall vulnerability tracked as CVE-2024-40766 may have been exploited in ransomware attacks. The post Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks Read More »

Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild

exploited, firewall, SonicWall, Vulnerabilities /

Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild 2024-09-06 at 16:17 By Eduard Kovacs SonicWall is warning customers that the recently patched critical vulnerability CVE-2024-40766 may be exploited in the wild. The post Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild Read More »

Apache Makes Another Attempt at Patching Exploited RCE in OFBiz

Apache OFBiz, exploited, Vulnerabilities /

Apache Makes Another Attempt at Patching Exploited RCE in OFBiz 2024-09-06 at 15:01 By Ionut Arghire The latest Apache OFBiz update patches CVE-2024-45195, a bypass of a recently disclosed remote code execution bug exploited in attacks. The post Apache Makes Another Attempt at Patching Exploited RCE in OFBiz appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Apache Makes Another Attempt at Patching Exploited RCE in OFBiz Read More »

DrayTek Vulnerabilities Added to CISA KEV Catalog Exploited in Global Campaign 

CISA KEV, DrayTek, exploited, Network Security /

DrayTek Vulnerabilities Added to CISA KEV Catalog Exploited in Global Campaign  2024-09-05 at 14:16 By Eduard Kovacs Two DrayTek vulnerabilities added by CISA to its KEV catalog have been exploited by multiple threat groups to steal data from organizations worldwide. The post DrayTek Vulnerabilities Added to CISA KEV Catalog Exploited in Global Campaign  appeared first

React to this headline:

Loading spinner

DrayTek Vulnerabilities Added to CISA KEV Catalog Exploited in Global Campaign  Read More »

Android’s September 2024 Update Patches Exploited Vulnerability

Android, exploited, Featured, Mobile & Wireless /

Android’s September 2024 Update Patches Exploited Vulnerability 2024-09-04 at 12:48 By Ionut Arghire Google has released Android security updates to patch an exploited local privilege escalation vulnerability. The post Android’s September 2024 Update Patches Exploited Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Android’s September 2024 Update Patches Exploited Vulnerability Read More »

WPS Office Zero-Day Exploited by South Korea-Linked Cyberspies

exploited, Featured, Nation-State, South Korea, WPS Office, Zero-Day /

WPS Office Zero-Day Exploited by South Korea-Linked Cyberspies 2024-08-28 at 18:01 By Eduard Kovacs A WPS Office zero-day vulnerability tracked as CVE⁠-⁠2024⁠-⁠7262 was exploited by South Korean hacker group APT-C-60. The post WPS Office Zero-Day Exploited by South Korea-Linked Cyberspies appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

WPS Office Zero-Day Exploited by South Korea-Linked Cyberspies Read More »

Second Apache OFBiz Vulnerability Exploited in Attacks

Apache OFBiz, CISA KEV, exploited, Vulnerabilities, vulnerability /

Second Apache OFBiz Vulnerability Exploited in Attacks 2024-08-28 at 14:01 By Eduard Kovacs CISA is warning organizations that a second Apache OFBiz flaw is being exploited in the wild shortly after the release of PoC exploits. The post Second Apache OFBiz Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Second Apache OFBiz Vulnerability Exploited in Attacks Read More »

Google Warns of Exploited Chrome Vulnerability

Chrome, exploited, Vulnerabilities, Zero-Day /

Google Warns of Exploited Chrome Vulnerability 2024-08-27 at 13:33 By Ionut Arghire Google flags another high-severity vulnerability patched with the latest Chrome 128 release as exploited in the wild. The post Google Warns of Exploited Chrome Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Google Warns of Exploited Chrome Vulnerability Read More »

SolarWinds Leaks Credentials in Hotfix for Exploited Web Help Desk Flaw

exploited, patch, SolarWinds, Vulnerabilities /

SolarWinds Leaks Credentials in Hotfix for Exploited Web Help Desk Flaw 2024-08-23 at 11:17 By Ionut Arghire SolarWinds has issued a Web Help Desk hotfix to remove hardcoded credentials from last week’s hotfix for a critical-severity vulnerability. The post SolarWinds Leaks Credentials in Hotfix for Exploited Web Help Desk Flaw appeared first on SecurityWeek. This

React to this headline:

Loading spinner

SolarWinds Leaks Credentials in Hotfix for Exploited Web Help Desk Flaw Read More »

Scroll to Top