exploited

ESET Vulnerability Exploited for Stealthy Malware Execution

ESET, exploited, ToddyCat, Vulnerabilities, vulnerability /

ESET Vulnerability Exploited for Stealthy Malware Execution 2025-04-08 at 15:32 By Ionut Arghire A sophisticated APT tracked as ToddyCat has exploited an ESET DLL search order hijacking vulnerability for malware delivery. The post ESET Vulnerability Exploited for Stealthy Malware Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React […]

React to this headline:

Loading spinner

ESET Vulnerability Exploited for Stealthy Malware Execution Read More »

Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk

exploited, Ivanti, Vulnerabilities, vulnerability /

Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk 2025-04-08 at 13:58 By Ionut Arghire More than 5,000 Ivanti Connect Secure appliances are vulnerable to attacks exploiting CVE-2025-22457, which has been used by Chinese hackers. The post Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk Read More »

Android Update Patches Two Exploited Vulnerabilities

Android, Cellebrite, exploited, Featured, Mobile & Wireless, USB /

Android Update Patches Two Exploited Vulnerabilities 2025-04-08 at 13:26 By Ionut Arghire Android’s latest security update resolves two exploited Kernel vulnerabilities, as well as critical-severity bugs. The post Android Update Patches Two Exploited Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Android Update Patches Two Exploited Vulnerabilities Read More »

Threat Actors Setting Up Persistent Access to Hosts Hacked in CrushFTP Attacks

CrushFTP, CVE-2025-31161, exploited, Malware & Threats /

Threat Actors Setting Up Persistent Access to Hosts Hacked in CrushFTP Attacks 2025-04-08 at 12:06 By Eduard Kovacs Huntress has shared details on the post-exploitation activities of threat actors targeting the recent CrushFTP vulnerability. The post Threat Actors Setting Up Persistent Access to Hosts Hacked in CrushFTP Attacks appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Threat Actors Setting Up Persistent Access to Hosts Hacked in CrushFTP Attacks Read More »

Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability 

CrushFTP, CVE, exploited, Featured, Vulnerabilities /

Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability  2025-04-03 at 13:31 By Eduard Kovacs Two CVEs now exist for an actively exploited CrushFTP vulnerability and much of the security industry is using the ‘wrong one’. The post Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability  appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability  Read More »

Questions Remain Over Attacks Causing DrayTek Router Reboots

DrayTek, exploited, Network Security, router /

Questions Remain Over Attacks Causing DrayTek Router Reboots 2025-04-02 at 13:33 By Eduard Kovacs DrayTek has shared some clarifications regarding the recent attacks causing router reboots, but some questions remain unanswered.  The post Questions Remain Over Attacks Causing DrayTek Router Reboots appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Questions Remain Over Attacks Causing DrayTek Router Reboots Read More »

CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability

CrushFTP, exploited, Vulnerabilities, vulnerability /

CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability 2025-04-01 at 14:21 By Eduard Kovacs Shadowserver has started seeing exploitation attempts aimed at a CrushFTP vulnerability tracked as CVE-2025-2825 and CVE-2025-31161. The post CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability Read More »

Apple Patches Recent Zero-Days in Older iPhones

apple, exploited, iOS, macOS, patch, Vulnerabilities, Zero-Day /

Apple Patches Recent Zero-Days in Older iPhones 2025-04-01 at 13:39 By Ionut Arghire Apple has released a hefty round of security updates for its desktop and mobile products, patching two recent zero-days in older iPhone models. The post Apple Patches Recent Zero-Days in Older iPhones appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Apple Patches Recent Zero-Days in Older iPhones Read More »

Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia

Chrome, exploited, Featured, Firefox, sandbox escape, Vulnerabilities, Zero-Day /

Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia 2025-03-28 at 12:26 By Eduard Kovacs Firefox developers have determined that their browser is affected by a vulnerability similar to the recent Chrome sandbox escape zero-day. The post Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia Read More »

Critical Next.js Vulnerability in Hacker Crosshairs

exploited, Next.js, Vulnerabilities, vulnerability /

Critical Next.js Vulnerability in Hacker Crosshairs 2025-03-26 at 12:55 By Ionut Arghire Threat actors have started probing servers impacted by a critical-severity vulnerability in the web application development framework Next.js. The post Critical Next.js Vulnerability in Hacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Critical Next.js Vulnerability in Hacker Crosshairs Read More »

Vulnerability Exploitation Possibly Behind Widespread DrayTek Router Reboots

DrayTek, exploited, Network Security, router /

Vulnerability Exploitation Possibly Behind Widespread DrayTek Router Reboots 2025-03-25 at 17:33 By Eduard Kovacs DrayTek routers around the world are rebooting and the vendor’s statement suggests that it may involve the exploitation of a vulnerability. The post Vulnerability Exploitation Possibly Behind Widespread DrayTek Router Reboots appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Vulnerability Exploitation Possibly Behind Widespread DrayTek Router Reboots Read More »

CISA Warns of Exploited Nakivo Vulnerability

CISA KEV, exploited, Nakivo, Vulnerabilities /

CISA Warns of Exploited Nakivo Vulnerability 2025-03-20 at 17:35 By Ionut Arghire CISA has added an absolute path traversal bug in Nakivo Backup and Replication to its Known Exploited Vulnerabilities list. The post CISA Warns of Exploited Nakivo Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

CISA Warns of Exploited Nakivo Vulnerability Read More »

Hackers Target Cisco Smart Licensing Utility Vulnerabilities

Cisco, exploited, Smart Licensing Utility, Vulnerabilities /

Hackers Target Cisco Smart Licensing Utility Vulnerabilities 2025-03-20 at 13:46 By Eduard Kovacs SANS is seeing attempts to exploit two critical Cisco Smart Licensing Utility vulnerabilities tracked as CVE-2024-20439 and CVE-2024-20440. The post Hackers Target Cisco Smart Licensing Utility Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Hackers Target Cisco Smart Licensing Utility Vulnerabilities Read More »

Paragon Spyware Attacks Exploited WhatsApp Zero-Day 

Citizen Lab, exploited, Featured, Graphite, Mobile & Wireless, Paragon, spyware, WhatsApp, Zero-Day /

Paragon Spyware Attacks Exploited WhatsApp Zero-Day  2025-03-20 at 12:03 By Eduard Kovacs Attacks involving Paragon’s Graphite spyware involved a WhatsApp zero-day that could be exploited without any user interaction. The post Paragon Spyware Attacks Exploited WhatsApp Zero-Day  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Paragon Spyware Attacks Exploited WhatsApp Zero-Day  Read More »

ChatGPT Vulnerability Exploited Against US Government Organizations

Artificial Intelligence, ChatGPT, exploited, Featured, Government, SSRF /

ChatGPT Vulnerability Exploited Against US Government Organizations 2025-03-18 at 12:02 By Ionut Arghire A year-old vulnerability in ChatGPT is being exploited against financial entities and US government organizations. The post ChatGPT Vulnerability Exploited Against US Government Organizations appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

ChatGPT Vulnerability Exploited Against US Government Organizations Read More »

Unpatched Edimax Camera Flaw Exploited Since at Least May 2024

botnet, Edimax, exploited, Malware & Threats /

Unpatched Edimax Camera Flaw Exploited Since at Least May 2024 2025-03-13 at 21:08 By Eduard Kovacs A recently disclosed Edimax zero-day vulnerability has been exploited in the wild by Mirai botnets for nearly a year. The post Unpatched Edimax Camera Flaw Exploited Since at Least May 2024 appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Unpatched Edimax Camera Flaw Exploited Since at Least May 2024 Read More »

Grafana Flaws Likely Targeted in Broad SSRF Exploitation Campaign

exploited, Grafana, Malware & Threats /

Grafana Flaws Likely Targeted in Broad SSRF Exploitation Campaign 2025-03-13 at 17:17 By Ionut Arghire Threat actors are likely targeting Grafana path traversal bugs for reconnaissance in a SSRF exploitation campaign targeting popular platforms. The post Grafana Flaws Likely Targeted in Broad SSRF Exploitation Campaign appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Grafana Flaws Likely Targeted in Broad SSRF Exploitation Campaign Read More »

Newly Patched Windows Zero-Day Exploited for Two Years

exploited, Vulnerabilities, Windows, Zero-Day /

Newly Patched Windows Zero-Day Exploited for Two Years 2025-03-12 at 14:18 By Ionut Arghire Microsoft on Tuesday patched a zero-day vulnerability in the Windows Win32 kernel that has been exploited since March 2023. The post Newly Patched Windows Zero-Day Exploited for Two Years appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Newly Patched Windows Zero-Day Exploited for Two Years Read More »

Edimax Says No Patches Coming for Zero-Day Exploited by Botnets

botnet, camera, Edimax, exploited, IoT Security /

Edimax Says No Patches Coming for Zero-Day Exploited by Botnets 2025-03-11 at 14:43 By Eduard Kovacs Edimax is aware that CVE-2025-1316 has been exploited in the wild, but the impacted devices were discontinued over a decade ago. The post Edimax Says No Patches Coming for Zero-Day Exploited by Botnets appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Edimax Says No Patches Coming for Zero-Day Exploited by Botnets Read More »

CISA Warns of Ivanti EPM Vulnerability Exploitation

CISA KEV, exploited, Ivanti, Vulnerabilities /

CISA Warns of Ivanti EPM Vulnerability Exploitation 2025-03-11 at 13:45 By Ionut Arghire CISA has added three critical-severity flaws in Ivanti EPM to its Known Exploited Vulnerabilities catalog. The post CISA Warns of Ivanti EPM Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

CISA Warns of Ivanti EPM Vulnerability Exploitation Read More »

Scroll to Top