exploited

Mass Exploitation of Critical PHP Vulnerability Begins

exploited, Malware & Threats, PHP /

Mass Exploitation of Critical PHP Vulnerability Begins 2025-03-10 at 14:02 By Ionut Arghire GreyNoise warns of mass exploitation of a critical vulnerability in PHP leading to remote code execution on vulnerable servers. The post Mass Exploitation of Critical PHP Vulnerability Begins appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source […]

React to this headline:

Loading spinner

Mass Exploitation of Critical PHP Vulnerability Begins Read More »

Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets

botnet, camera, Edimax, exploited, Featured, IoT Security, Malware & Threats, Mirai, Zero-Day /

Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets 2025-03-07 at 10:31 By Eduard Kovacs Multiple Mirai-based botnets are exploiting CVE-2025-1316, an Edimax IP camera vulnerability that allows remote command execution. The post Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets Read More »

Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks

ESX, exploited, Featured, VMWare, Vulnerabilities, Zero-Day /

Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks 2025-03-06 at 12:03 By Eduard Kovacs Scans show that tens of thousands of VMware ESXi instances are affected by CVE-2025-22224 and other vulnerabilities disclosed recently as zero-days. The post Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks appeared first

React to this headline:

Loading spinner

Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks Read More »

Broadcom Patches 3 VMware Zero-Days Exploited in the Wild

exploited, Featured, VMWare, Vulnerabilities, vulnerability /

Broadcom Patches 3 VMware Zero-Days Exploited in the Wild 2025-03-04 at 14:22 By Eduard Kovacs Broadcom patched VMware zero-days CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226 after Microsoft warned it of exploitation. The post Broadcom Patches 3 VMware Zero-Days Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Broadcom Patches 3 VMware Zero-Days Exploited in the Wild Read More »

Google Patches Pair of Exploited Vulnerabilities in Android

Android, exploited, Mobile & Wireless, Vulnerabilities /

Google Patches Pair of Exploited Vulnerabilities in Android 2025-03-04 at 13:52 By Ionut Arghire Android’s March 2025 security update addresses over 40 vulnerabilities, including two actively exploited in the wild. The post Google Patches Pair of Exploited Vulnerabilities in Android appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Google Patches Pair of Exploited Vulnerabilities in Android Read More »

Exploitation Long Known for Most of CISA’s Latest KEV Additions

CISA KEV, exploited, Vulnerabilities, vulnerability /

Exploitation Long Known for Most of CISA’s Latest KEV Additions 2025-03-04 at 13:02 By Eduard Kovacs Exploitation has been known for months or years for most of the latest vulnerabilities added by CISA to its KEV catalog. The post Exploitation Long Known for Most of CISA’s Latest KEV Additions appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Exploitation Long Known for Most of CISA’s Latest KEV Additions Read More »

Sites of Major Orgs Abused in Spam Campaign Exploiting Virtual Tour Software Flaw

exploited, Krpano, vr, Vulnerabilities, XSS /

Sites of Major Orgs Abused in Spam Campaign Exploiting Virtual Tour Software Flaw 2025-02-27 at 15:22 By Eduard Kovacs The websites of dozens of major private and government organizations have been abused in a massive spam campaign that involves exploitation of a vulnerability affecting widely used virtual tour software. The attacks were observed recently by

React to this headline:

Loading spinner

Sites of Major Orgs Abused in Spam Campaign Exploiting Virtual Tour Software Flaw Read More »

CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability

Agile PLM, CISA KEV, exploited, Oracle, Vulnerabilities /

CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability 2025-02-25 at 13:43 By Eduard Kovacs CISA has added CVE-2024-20953, an Oracle Agile PLM vulnerability patched in January 2024, to its KEV catalog.  The post CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability Read More »

CISA Warns of Attacks Exploiting Craft CMS Vulnerability

CISA KEV, Craft, exploited, Vulnerabilities /

CISA Warns of Attacks Exploiting Craft CMS Vulnerability 2025-02-21 at 13:48 By Eduard Kovacs CISA has added a Craft CMS flaw tracked as CVE-2025-23209 to its Known Exploited Vulnerabilities (KEV) catalog. The post CISA Warns of Attacks Exploiting Craft CMS Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

CISA Warns of Attacks Exploiting Craft CMS Vulnerability Read More »

Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls

CISA KEV, exploited, Featured, firewall, Palo Alto Networks, Vulnerabilities /

Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls 2025-02-21 at 13:21 By Eduard Kovacs Palo Alto Networks is warning customers that a second vulnerability patched in February is being exploited in attacks. The post Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls Read More »

Microsoft Patches Exploited Power Pages Vulnerability

exploited, Featured, Microsoft, Power Pages, Vulnerabilities /

Microsoft Patches Exploited Power Pages Vulnerability 2025-02-20 at 12:49 By Eduard Kovacs Microsoft has patched CVE-2025-24989, a Power Pages privilege escalation vulnerability that has been exploited in attacks. The post Microsoft Patches Exploited Power Pages Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Microsoft Patches Exploited Power Pages Vulnerability Read More »

Palo Alto Networks Confirms Exploitation of Firewall Vulnerability

exploited, Featured, firewall, Palo Alto Networks, Vulnerabilities /

Palo Alto Networks Confirms Exploitation of Firewall Vulnerability 2025-02-18 at 13:20 By Eduard Kovacs Palo Alto Networks has confirmed that a recently patched firewall vulnerability tracked as CVE-2025-0108 is being actively exploited. The post Palo Alto Networks Confirms Exploitation of Firewall Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Palo Alto Networks Confirms Exploitation of Firewall Vulnerability Read More »

SonicWall Firewall Vulnerability Exploited After PoC Publication

exploited, firewall, SonicWall, Vulnerabilities, vulnerability /

SonicWall Firewall Vulnerability Exploited After PoC Publication 2025-02-14 at 14:36 By Ionut Arghire The exploitation of a recent SonicWall vulnerability has started shortly after proof-of-concept (PoC) code was published. The post SonicWall Firewall Vulnerability Exploited After PoC Publication appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

SonicWall Firewall Vulnerability Exploited After PoC Publication Read More »

New Windows Zero-Day Exploited by Chinese APT: Security Firm

China, exploited, Mustang Panda, Vulnerabilities, Windows, Zero-Day /

New Windows Zero-Day Exploited by Chinese APT: Security Firm 2025-02-14 at 13:52 By Eduard Kovacs ClearSky Cyber Security says it has seen a new Windows zero-day being exploited by a Chinese APT named Mustang Panda.  The post New Windows Zero-Day Exploited by Chinese APT: Security Firm appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

New Windows Zero-Day Exploited by Chinese APT: Security Firm Read More »

Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure

exploited, firewall, Palo Alto Networks, Vulnerabilities /

Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure 2025-02-14 at 13:24 By Eduard Kovacs Attempts to exploit CVE-2024-0108, an authentication bypass vulnerability in Palo Alto firewalls, started one day after disclosure.  The post Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure Read More »

Exploitation of Old ThinkPHP, OwnCloud Vulnerabilities Surges

exploited, ownCloud, ThinkPHP, Vulnerabilities, vulnerability /

Exploitation of Old ThinkPHP, OwnCloud Vulnerabilities Surges 2025-02-13 at 13:33 By Ionut Arghire Threat actors are increasingly exploiting two old vulnerabilities in ThinkPHP and OwnCloud in their attacks. The post Exploitation of Old ThinkPHP, OwnCloud Vulnerabilities Surges appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Exploitation of Old ThinkPHP, OwnCloud Vulnerabilities Surges Read More »

Trimble Cityworks Customers Warned of Zero-Day Exploitation

CityWorks, exploited, ICS, ICS/OT, Trimble, Zero-Day /

Trimble Cityworks Customers Warned of Zero-Day Exploitation 2025-02-07 at 12:05 By Eduard Kovacs Trimble Cityworks is affected by a zero-day vulnerability that has been exploited in attacks involving the delivery of malware. The post Trimble Cityworks Customers Warned of Zero-Day Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Trimble Cityworks Customers Warned of Zero-Day Exploitation Read More »

Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine

7-Zip, exploited, Malware & Threats, Russia, Ukraine, Zero-Day /

Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine 2025-02-05 at 14:09 By Ionut Arghire Russian threat groups have been observed exploiting a zero-day vulnerability in 7-Zip against Ukrainian entities. The post Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine Read More »

CISA Issues Exploitation Warning for .NET Vulnerability

.NET, CISA KEV, exploited, Vulnerabilities /

CISA Issues Exploitation Warning for .NET Vulnerability 2025-02-05 at 13:06 By Eduard Kovacs CISA has added CVE-2024-29059, a flaw affecting Microsoft .NET, to its Known Exploited Vulnerabilities catalog. The post CISA Issues Exploitation Warning for .NET Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

CISA Issues Exploitation Warning for .NET Vulnerability Read More »

Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days

exploited, unpatched, Vulnerabilities, Zyxel /

Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days 2025-02-05 at 12:01 By Ionut Arghire Multiple Zyxel legacy DSL CPE products are affected by exploited zero-day vulnerabilities that will not be patched. The post Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days Read More »

Scroll to Top