VulnCheck

Funding uncertainty may spell the end of MITRE’s CVE program

Funding uncertainty may spell the end of MITRE’s CVE program 2025-04-16 at 14:56 By Zeljka Zorz The future of the Common Vulnerabilities and Exposures (CVE) program hangs in the balance: MITRE, the not-for-profit US organization that runs it, could lose the US federal funding that helps them maintain it. But others have been waiting in […]

React to this headline:

Loading spinner

Funding uncertainty may spell the end of MITRE’s CVE program Read More »

Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825)

Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825) 2025-04-01 at 18:49 By Zeljka Zorz Exploitation attempts targeting the CVE-2025-2825 vulnerability on internet-facing CrushFTP instances are happening, the Shadowserver Foundation has shared on Monday, and the attackers have been leveraging publicly available PoC exploit code. What can be done? CVE-2025-2825, affecting CrushFTP versions 10.0.0 through

React to this headline:

Loading spinner

Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825) Read More »

Swap EOL Zyxel routers, upgrade Netgear ones!

Swap EOL Zyxel routers, upgrade Netgear ones! 2025-02-05 at 16:18 By Zeljka Zorz There will be no patches for EOL Zyxel routers under attack via CVE-2024-40891, the company has confirmed. Meanwhile, Netgear has issued patches for critical flaws affecting its routers and wireless access points. Zyxel vulnerability: Exploited, no patches CVE-2024-40891, a command injection vulnerability

React to this headline:

Loading spinner

Swap EOL Zyxel routers, upgrade Netgear ones! Read More »

Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891)

Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) 2025-01-29 at 18:32 By Zeljka Zorz CVE-2024-40891, a command injection vulnerability in Zyxel CPE Series telecommunications devices that has yet to be fixed by the manufacturer, is being targeted by attackers, cybersecurity company Greynoise has warned. Successful exploitation would allow attackers to execute

React to this headline:

Loading spinner

Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) Read More »

Threat-Intelligence Startup VulnCheck Closes $8M Seed Financing

Threat-Intelligence Startup VulnCheck Closes $8M Seed Financing 2024-04-19 at 18:01 By SecurityWeek News VulnCheck banks $8 million in early stage capital to build ‘exploit intelligence’ technologies and services. The post Threat-Intelligence Startup VulnCheck Closes $8M Seed Financing appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Threat-Intelligence Startup VulnCheck Closes $8M Seed Financing Read More »

VulnCheck IP Intelligence identifies vulnerable internet-connected infrastructure

VulnCheck IP Intelligence identifies vulnerable internet-connected infrastructure 2024-01-18 at 17:03 By Industry News VulnCheck launched IP Intelligence, a new feature set designed to provide real-time tracking of attacker infrastructure and vulnerable IP’s on the internet. VulnCheck IP Intelligence compiles data from popular Internet-Connected Device (ICD) datasets and cross-references it against VulnCheck exploit and vulnerability intelligence

React to this headline:

Loading spinner

VulnCheck IP Intelligence identifies vulnerable internet-connected infrastructure Read More »

EOL Sophos firewalls get hotfix for old but still exploited vulnerability (CVE-2022-3236)

EOL Sophos firewalls get hotfix for old but still exploited vulnerability (CVE-2022-3236) 13/12/2023 at 14:17 By Zeljka Zorz Over a year has passed since Sophos delivered patches for a vulnerability affecting Sophos Firewalls (CVE-2022-3236) that was being actively exploited by attackers, and now they have pushed additional ones to protect vulnerable EOL devices. “In December

React to this headline:

Loading spinner

EOL Sophos firewalls get hotfix for old but still exploited vulnerability (CVE-2022-3236) Read More »

MikroTik vulnerability could be used to hijack 900,000 routers (CVE-2023-30799)

MikroTik vulnerability could be used to hijack 900,000 routers (CVE-2023-30799) 26/07/2023 at 16:47 By Zeljka Zorz A privilege escalation vulnerability (CVE-2023-30799) could allow attackers to commandeer up to 900,000 MikroTik routers, says VulnCheck researcher Jacob Baines. While exploting it does require authentication, acquiring credentials to access the routers is not that difficult. “RouterOS [the underlying

React to this headline:

Loading spinner

MikroTik vulnerability could be used to hijack 900,000 routers (CVE-2023-30799) Read More »

Scroll to Top