Vulnerabilities

Fresh Windows NTLM Vulnerability Exploited in Attacks

exploited, Featured, NTLM, Vulnerabilities, Windows /

Fresh Windows NTLM Vulnerability Exploited in Attacks 2025-04-18 at 11:30 By Ionut Arghire A Windows NTLM vulnerability patched in March has been exploited in attacks targeting government and private institutions. The post Fresh Windows NTLM Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to […]

React to this headline:

Loading spinner

Fresh Windows NTLM Vulnerability Exploited in Attacks Read More »

Vulnerabilities Patched in Atlassian, Cisco Products

Atlassian, Cisco, patch, Vulnerabilities, vulnerability /

Vulnerabilities Patched in Atlassian, Cisco Products 2025-04-17 at 16:52 By Ionut Arghire Atlassian and Cisco have released patches for multiple high-severity vulnerabilities, including remote code execution bugs. The post Vulnerabilities Patched in Atlassian, Cisco Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Vulnerabilities Patched in Atlassian, Cisco Products Read More »

Critical Erlang/OTP SSH Flaw Exposes Many Devices to Remote Hacking

Erlang OTP, SSH, Vulnerabilities, vulnerability /

Critical Erlang/OTP SSH Flaw Exposes Many Devices to Remote Hacking 2025-04-17 at 15:19 By Eduard Kovacs Servers exposed to complete takeover due to CVE-2025-32433, an unauthenticated remote code execution flaw in Erlang/OTP SSH. The post Critical Erlang/OTP SSH Flaw Exposes Many Devices to Remote Hacking appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Critical Erlang/OTP SSH Flaw Exposes Many Devices to Remote Hacking Read More »

SonicWall Flags Old Vulnerability as Actively Exploited

exploited, Featured, SMA, SonicWall, Vulnerabilities, vulnerability /

SonicWall Flags Old Vulnerability as Actively Exploited 2025-04-17 at 14:05 By Eduard Kovacs A SonicWall SMA 100 series vulnerability patched in 2021, which went unnoticed at the time of patching, is being exploited in the wild. The post SonicWall Flags Old Vulnerability as Actively Exploited appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

SonicWall Flags Old Vulnerability as Actively Exploited Read More »

Apple Quashes Two Zero-Days With iOS, MacOS Patches

apple, CVE-2025-31200, CVE-2025-31201, Featured, iOS 18.4.1, macOS, Malware & Threats, Vulnerabilities, Zero-Day /

Apple Quashes Two Zero-Days With iOS, MacOS Patches 2025-04-16 at 23:38 By Ryan Naraine The vulnerabilities are described as code execution and mitigation bypass issues that affect Apple’s iOS, iPadOS and macOS platforms. The post Apple Quashes Two Zero-Days With iOS, MacOS Patches appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Apple Quashes Two Zero-Days With iOS, MacOS Patches Read More »

MITRE CVE Program Gets Last-Hour Funding Reprieve

CISA, CVE, CVE Program, Featured, Government, MITRE, Vulnerabilities /

MITRE CVE Program Gets Last-Hour Funding Reprieve 2025-04-16 at 19:36 By Ryan Naraine The US government’s cybersecurity agency CISA has “executed the option period on the contract” to keep the vulnerability catalog operational. The post MITRE CVE Program Gets Last-Hour Funding Reprieve appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

MITRE CVE Program Gets Last-Hour Funding Reprieve Read More »

Critical Vulnerability Found in Apache Roller Blog Server

Apache Roller, Vulnerabilities, vulnerability /

Critical Vulnerability Found in Apache Roller Blog Server 2025-04-16 at 14:44 By Ionut Arghire A critical vulnerability in Apache Roller could be used to maintain persistent access by reusing older sessions even after password changes. The post Critical Vulnerability Found in Apache Roller Blog Server appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Critical Vulnerability Found in Apache Roller Blog Server Read More »

Chrome 135, Firefox 137 Updates Patch Severe Vulnerabilities

Chrome, Firefox, Vulnerabilities, vulnerability /

Chrome 135, Firefox 137 Updates Patch Severe Vulnerabilities 2025-04-16 at 14:01 By Ionut Arghire Chrome 135 and Firefox 137 updates have been rolled out with patches for critical- and high-severity vulnerabilities. The post Chrome 135, Firefox 137 Updates Patch Severe Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Chrome 135, Firefox 137 Updates Patch Severe Vulnerabilities Read More »

Oracle Patches 180 Vulnerabilities With April 2025 CPU

Oracle, patch, Vulnerabilities /

Oracle Patches 180 Vulnerabilities With April 2025 CPU 2025-04-16 at 14:01 By Ionut Arghire Oracle’s April 2025 Critical Patch Update contains 378 security patches that resolve approximately 180 unique CVEs. The post Oracle Patches 180 Vulnerabilities With April 2025 CPU appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Oracle Patches 180 Vulnerabilities With April 2025 CPU Read More »

MITRE Warns CVE Program Faces Disruption Amid US Funding Uncertainty

CVE, Featured, Government, MITRE, NIST, NVD, Vulnerabilities /

MITRE Warns CVE Program Faces Disruption Amid US Funding Uncertainty 2025-04-15 at 23:46 By Ryan Naraine MITRE warns of a deterioration of national vulnerability databases and advisories, slowed vendor reaction and limited response operations. The post MITRE Warns CVE Program Faces Disruption Amid US Funding Uncertainty appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

MITRE Warns CVE Program Faces Disruption Amid US Funding Uncertainty Read More »

Trend Micro Flags Incomplete Nvidia Patch That Leaves AI Containers Exposed

Artificial Intelligence, container escape, CVE-2024-0132, NVIDIA, Trend Micro, Vulnerabilities /

Trend Micro Flags Incomplete Nvidia Patch That Leaves AI Containers Exposed 2025-04-14 at 19:48 By Ryan Naraine Trend Micro researchers flagging problems with Nvidia’s patch for a critical, code execution vulnerability in the Nvidia Container Toolkit. The post Trend Micro Flags Incomplete Nvidia Patch That Leaves AI Containers Exposed appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Trend Micro Flags Incomplete Nvidia Patch That Leaves AI Containers Exposed Read More »

Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit

CVE-2022-42475, CVE-2023-27997, CVE-2024-21762, Fortinet, FortiOS, Malware & Threats, ThreatMon, Vulnerabilities /

Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit 2025-04-14 at 16:49 By Ionut Arghire A threat actor claims to offer a zero-day exploit for an unauthenticated remote code execution vulnerability in Fortinet firewalls. The post Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit Read More »

Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle

Connect Secure, CVE-2025-22457, Incident Response, Ivanti, Malware & Threats, Mandiant, Rapid7, VPN, Vulnerabilities /

Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle 2025-04-11 at 21:05 By Ryan Naraine The CVE-2025-22457 has already been exploited by a China-nexus hacking gang notorious for breaking into edge network devices. The post Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Rapid7 Reveals RCE Path in Ivanti VPN Appliance After Silent Patch Debacle Read More »

Securing the Energy Sector: The Backbone of the UK’s AI Ambitions

Artificial Intelligence, Database Protection, Tips & Tricks, Vulnerabilities /

Securing the Energy Sector: The Backbone of the UK’s AI Ambitions 2025-04-11 at 16:08 By Ed Williams AI and Energy Security: The UK’s Crucial Cybersecurity Challenge – Learn why safeguarding the energy sector is critical for the UK’s AI ambitions and technological leadership. Rising Cyber Threats: Ransomware and Legacy Systems in the Energy Sector –

React to this headline:

Loading spinner

Securing the Energy Sector: The Backbone of the UK’s AI Ambitions Read More »

Vulnerability in OttoKit WordPress Plugin Exploited in the Wild

exploited, Vulnerabilities, WordPress, WordPress plugin /

Vulnerability in OttoKit WordPress Plugin Exploited in the Wild 2025-04-11 at 15:17 By Ionut Arghire A vulnerability in the OttoKit WordPress plugin with over 100,000 active installations has been exploited in the wild. The post Vulnerability in OttoKit WordPress Plugin Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Vulnerability in OttoKit WordPress Plugin Exploited in the Wild Read More »

SonicWall Patches High-Severity Vulnerability in NetExtender

SonicWall, Vulnerabilities, vulnerability /

SonicWall Patches High-Severity Vulnerability in NetExtender 2025-04-11 at 14:18 By Ionut Arghire SonicWall has released fixes for three vulnerabilities in NetExtender for Windows, including a high-severity bug. The post SonicWall Patches High-Severity Vulnerability in NetExtender appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

SonicWall Patches High-Severity Vulnerability in NetExtender Read More »

Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks

email security, Vulnerabilities /

Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks 2025-04-10 at 23:16 By Bernard Bautista and Kevin Adriano Ever thought an image file could be part of a cyber threat? The Trustwave SpiderLabs Email Security team has identified a major spike in SVG image-based attacks, where harmless-looking graphics are being used to hide dangerous links. This

React to this headline:

Loading spinner

Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks Read More »

Juniper Networks Patches Dozens of Junos Vulnerabilities

Juniper, Junos, Vulnerabilities, vulnerability /

Juniper Networks Patches Dozens of Junos Vulnerabilities 2025-04-10 at 16:46 By Ionut Arghire Juniper Networks has patched two dozen vulnerabilities in Junos OS and Junos OS Evolved, and dozens of flaws in Junos Space third-party dependencies. The post Juniper Networks Patches Dozens of Junos Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Juniper Networks Patches Dozens of Junos Vulnerabilities Read More »

United Nations Urges Global Action as Cyberattacks Threaten Healthcare Systems

Emerging Threats, News, Vulnerabilities /

United Nations Urges Global Action as Cyberattacks Threaten Healthcare Systems 2025-04-10 at 16:17 By Global Call to Action: The United Nations urges international cooperation to protect healthcare infrastructure from rising cyber threats. Critical Insights from Trustwave SpiderLabs: Discover key findings from real-world Red Team exercises revealing vulnerabilities in healthcare security. Healthcare Under Siege: Learn how ransomware attacks target

React to this headline:

Loading spinner

United Nations Urges Global Action as Cyberattacks Threaten Healthcare Systems Read More »

CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days

CentreStack, CISA KEV, exploited, Gladinet CentreStack, Vulnerabilities /

CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days 2025-04-09 at 14:24 By Ionut Arghire CISA has added fresh CentreStack and Windows CLFS vulnerabilities to the Known Exploited Vulnerabilities catalog. The post CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days Read More »

Scroll to Top