Featured

Intel, AMD Processors Affected by PCIe Vulnerabilities

Intel, AMD Processors Affected by PCIe Vulnerabilities 2025-12-10 at 10:22 By Eduard Kovacs The PCIe flaws, found by Intel employees, can be exploited for information disclosure, escalation of privilege, or DoS. The post Intel, AMD Processors Affected by PCIe Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Intel, AMD Processors Affected by PCIe Vulnerabilities Read More »

Microsoft Patches 57 Vulnerabilities, Three Zero-Days

Microsoft Patches 57 Vulnerabilities, Three Zero-Days 2025-12-10 at 00:44 By Ionut Arghire Microsoft has addressed a Windows vulnerability exploited as zero-day that allows attackers to obtain System privileges. The post Microsoft Patches 57 Vulnerabilities, Three Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches 57 Vulnerabilities, Three Zero-Days Read More »

Exploitation of React2Shell Surges

Exploitation of React2Shell Surges 2025-12-08 at 12:00 By Eduard Kovacs An increasing number of threat actors have been attempting to exploit the React vulnerability CVE-2025-55182 in their attacks. The post Exploitation of React2Shell Surges appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Exploitation of React2Shell Surges Read More »

Cloudflare Outage Caused by React2Shell Mitigations

Cloudflare Outage Caused by React2Shell Mitigations 2025-12-05 at 17:57 By Eduard Kovacs The critical React vulnerability has been exploited in the wild by Chinese and other threat actors. The post Cloudflare Outage Caused by React2Shell Mitigations appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Cloudflare Outage Caused by React2Shell Mitigations Read More »

Chinese Hackers Exploiting React2Shell Vulnerability

Chinese Hackers Exploiting React2Shell Vulnerability 2025-12-05 at 10:30 By Eduard Kovacs AWS has seen multiple China-linked threat groups attempting to exploit the React vulnerability CVE-2025-55182. The post Chinese Hackers Exploiting React2Shell Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Chinese Hackers Exploiting React2Shell Vulnerability Read More »

React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability

React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability 2025-12-04 at 12:11 By Eduard Kovacs A researcher has pointed out that only instances using a newer feature are impacted by CVE-2025-55182. The post React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability Read More »

Microsoft Silently Mitigated Exploited LNK Vulnerability

Microsoft Silently Mitigated Exploited LNK Vulnerability 2025-12-03 at 14:35 By Ionut Arghire Windows now displays in the properties tab of LNK files critical information that could reveal malicious code. The post Microsoft Silently Mitigated Exploited LNK Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Silently Mitigated Exploited LNK Vulnerability Read More »

Android’s December 2025 Updates Patch Two Zero-Days

Android’s December 2025 Updates Patch Two Zero-Days 2025-12-02 at 15:15 By Ionut Arghire Google warns that two out of the 107 vulnerabilities patched in Android this month have been exploited in limited, targeted attacks. The post Android’s December 2025 Updates Patch Two Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Android’s December 2025 Updates Patch Two Zero-Days Read More »

Facial Recognition’s Trust Problem

Facial Recognition’s Trust Problem 2025-12-01 at 21:01 By Kevin Townsend Two technologies — one for public safety, one for controlled entry — show why trust in facial recognition must be earned, not assumed. The post Facial Recognition’s Trust Problem appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Facial Recognition’s Trust Problem Read More »

CISA Warns of ScadaBR Vulnerability After Hacktivist ICS Attack

CISA Warns of ScadaBR Vulnerability After Hacktivist ICS Attack 2025-12-01 at 13:14 By Eduard Kovacs CISA has added CVE-2021-26829 to its Known Exploited Vulnerabilities (KEV) catalog. The post CISA Warns of ScadaBR Vulnerability After Hacktivist ICS Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

CISA Warns of ScadaBR Vulnerability After Hacktivist ICS Attack Read More »

OpenAI User Data Exposed in Mixpanel Hack

OpenAI User Data Exposed in Mixpanel Hack 2025-11-27 at 14:42 By Eduard Kovacs Multiple Mixpanel customers were impacted by a recent cyberattack targeting the product analytics company.  The post OpenAI User Data Exposed in Mixpanel Hack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

OpenAI User Data Exposed in Mixpanel Hack Read More »

Dartmouth College Confirms Data Theft in Oracle Hack

Dartmouth College Confirms Data Theft in Oracle Hack 2025-11-26 at 10:15 By Eduard Kovacs Dartmouth College has disclosed a data breach after cybercriminals leaked over 226 Gb of files stolen from the university. The post Dartmouth College Confirms Data Theft in Oracle Hack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Dartmouth College Confirms Data Theft in Oracle Hack Read More »

Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims

Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims 2025-11-24 at 15:40 By Eduard Kovacs More than 1.6 Tb of data allegedly stolen from Cox was made public by the hackers. The post Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims appeared first on SecurityWeek. This article is an excerpt

Cox Confirms Oracle EBS Hack as Cybercriminals Name 100 Alleged Victims Read More »

SquareX and Perplexity Quarrel Over Alleged Comet Browser Vulnerability

SquareX and Perplexity Quarrel Over Alleged Comet Browser Vulnerability 2025-11-21 at 13:20 By Eduard Kovacs SquareX claims to have found a way to abuse a hidden Comet API to execute local commands, but Perplexity says the research is fake. The post SquareX and Perplexity Quarrel Over Alleged Comet Browser Vulnerability appeared first on SecurityWeek. This

SquareX and Perplexity Quarrel Over Alleged Comet Browser Vulnerability Read More »

Recent 7-Zip Vulnerability Exploited in Attacks

Recent 7-Zip Vulnerability Exploited in Attacks 2025-11-20 at 13:09 By Ionut Arghire A proof-of-concept (PoC) exploit targeting the high-severity remote code execution (RCE) bug exists. The post Recent 7-Zip Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Recent 7-Zip Vulnerability Exploited in Attacks Read More »

Palo Alto Networks to Acquire Observability Platform Chronosphere in $3.35 Billion Deal

Palo Alto Networks to Acquire Observability Platform Chronosphere in $3.35 Billion Deal 2025-11-20 at 04:32 By SecurityWeek News The move to acquire Chronosphere is the latest of several acquisitions in recent years and follows a massive $25 billion deal to acquire CyberArk. The post Palo Alto Networks to Acquire Observability Platform Chronosphere in $3.35 Billion

Palo Alto Networks to Acquire Observability Platform Chronosphere in $3.35 Billion Deal Read More »

Amazon Details Iran’s Cyber-Enabled Kinetic Attacks Linking Digital Spying to Physical Strikes

Amazon Details Iran’s Cyber-Enabled Kinetic Attacks Linking Digital Spying to Physical Strikes 2025-11-19 at 20:16 By Eduard Kovacs Amazon threat intelligence experts have documented two cases in which Iran leveraged hacking to prepare for kinetic attacks. The post Amazon Details Iran’s Cyber-Enabled Kinetic Attacks Linking Digital Spying to Physical Strikes appeared first on SecurityWeek. This

Amazon Details Iran’s Cyber-Enabled Kinetic Attacks Linking Digital Spying to Physical Strikes Read More »

Fortinet Discloses Second Exploited FortiWeb Zero-Day in a Week

Fortinet Discloses Second Exploited FortiWeb Zero-Day in a Week 2025-11-19 at 11:49 By Ionut Arghire An OS command injection flaw, the exploited zero-day allows attackers to execute arbitrary code on the underlying system. The post Fortinet Discloses Second Exploited FortiWeb Zero-Day in a Week appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Fortinet Discloses Second Exploited FortiWeb Zero-Day in a Week Read More »

Cloudflare Outage Not Caused by Cyberattack

Cloudflare Outage Not Caused by Cyberattack 2025-11-18 at 20:17 By Eduard Kovacs Major online services such as ChatGPT, X, and Shopify were disrupted in a, as well as transit and city services.  The post Cloudflare Outage Not Caused by Cyberattack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Cloudflare Outage Not Caused by Cyberattack Read More »

Logitech Confirms Data Breach Following Designation as Oracle Hack Victim

Logitech Confirms Data Breach Following Designation as Oracle Hack Victim 2025-11-17 at 13:10 By Eduard Kovacs Logitech was listed on the Cl0p ransomware leak website in early November, but its disclosure does not mention Oracle. The post Logitech Confirms Data Breach Following Designation as Oracle Hack Victim appeared first on SecurityWeek. This article is an

Logitech Confirms Data Breach Following Designation as Oracle Hack Victim Read More »

Scroll to Top