Vulnerabilities

In Other News: India-Pakistan Cyberattacks, Radware Vulnerabilities, xAI Leak

In Other News, Vulnerabilities /

In Other News: India-Pakistan Cyberattacks, Radware Vulnerabilities, xAI Leak 2025-05-09 at 17:54 By Eduard Kovacs Noteworthy stories that might have slipped under the radar: surge in cyberattacks between India and Pakistan, Radware cloud WAF vulnerabilities, xAI key leak. The post In Other News: India-Pakistan Cyberattacks, Radware Vulnerabilities, xAI Leak appeared first on SecurityWeek. This article […]

React to this headline:

Loading spinner

In Other News: India-Pakistan Cyberattacks, Radware Vulnerabilities, xAI Leak Read More »

SAP Zero-Day Targeted Since January, Many Sectors Impacted 

China, exploited, SAP, Vulnerabilities, Zero-Day /

SAP Zero-Day Targeted Since January, Many Sectors Impacted  2025-05-09 at 14:01 By Ionut Arghire Hundreds of SAP NetWeaver instances hacked via a zero-day that allows remote code execution, not only arbitrary file uploads, as initially believed. The post SAP Zero-Day Targeted Since January, Many Sectors Impacted  appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

SAP Zero-Day Targeted Since January, Many Sectors Impacted  Read More »

Possible Zero-Day Patched in SonicWall SMA Appliances

exploited, Featured, SMA, SonicWall, Vulnerabilities, vulnerability, Zero-Day /

Possible Zero-Day Patched in SonicWall SMA Appliances 2025-05-08 at 16:11 By Ionut Arghire SonicWall patches three SMA 100 vulnerabilities, including a potential zero-day, that could be chained to execute arbitrary code remotely. The post Possible Zero-Day Patched in SonicWall SMA Appliances appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Possible Zero-Day Patched in SonicWall SMA Appliances Read More »

Improperly Patched Samsung MagicINFO Vulnerability Exploited by Botnet

botnet, exploited, MagicINFO, Mirai, Vulnerabilities /

Improperly Patched Samsung MagicINFO Vulnerability Exploited by Botnet 2025-05-08 at 13:50 By Ionut Arghire The patches for an exploited Samsung MagicINFO vulnerability are ineffective and a Mirai botnet has started targeting it. The post Improperly Patched Samsung MagicINFO Vulnerability Exploited by Botnet appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Improperly Patched Samsung MagicINFO Vulnerability Exploited by Botnet Read More »

Cisco Patches 35 Vulnerabilities Across Several Products

Cisco, patch, Vulnerabilities /

Cisco Patches 35 Vulnerabilities Across Several Products 2025-05-08 at 13:01 By Ionut Arghire Cisco releases patches for 26 vulnerabilities in IOS and IOS XE software, including 17 critical- and high-severity bugs. The post Cisco Patches 35 Vulnerabilities Across Several Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Cisco Patches 35 Vulnerabilities Across Several Products Read More »

Dozens of SysAid Instances Vulnerable to Remote Hacking

PoC, SysAid, Vulnerabilities, vulnerability /

Dozens of SysAid Instances Vulnerable to Remote Hacking 2025-05-08 at 12:46 By Eduard Kovacs SysAid patches IT service management software vulnerabilities that can be chained for unauthenticated remote command execution.  The post Dozens of SysAid Instances Vulnerable to Remote Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Dozens of SysAid Instances Vulnerable to Remote Hacking Read More »

Second OttoKit Vulnerability Exploited to Hack WordPress Sites

exploited, Vulnerabilities, WordPress, WordPress plugin /

Second OttoKit Vulnerability Exploited to Hack WordPress Sites 2025-05-07 at 12:16 By Ionut Arghire Threat actors are targeting a critical-severity vulnerability in the OttoKit WordPress plugin to gain administrative privileges. The post Second OttoKit Vulnerability Exploited to Hack WordPress Sites appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Second OttoKit Vulnerability Exploited to Hack WordPress Sites Read More »

Lights Out and Stalled Factories: Using M.A.T.R.I.X to Learn About Modbus Vulnerabilities

Emerging Threats, Security Research, Vulnerabilities /

Lights Out and Stalled Factories: Using M.A.T.R.I.X to Learn About Modbus Vulnerabilities 2025-05-06 at 18:47 By Karl Biron Let’s explore the critical role of Modbus in energy and manufacturing systems, then demonstrate real-world exploitation techniques using Docker-based simulations and the custom-built Python tool M.A.T.R.I.X. This article is an excerpt from SpiderLabs Blog View Original Source

React to this headline:

Loading spinner

Lights Out and Stalled Factories: Using M.A.T.R.I.X to Learn About Modbus Vulnerabilities Read More »

Second Wave of Attacks Hitting SAP NetWeaver After Zero-Day Compromise

exploited, SAP, Vulnerabilities, Zero-Day /

Second Wave of Attacks Hitting SAP NetWeaver After Zero-Day Compromise 2025-05-06 at 15:39 By Ionut Arghire Threat actors are revisiting SAP NetWeaver instances to leverage webshells deployed via a recent zero-day vulnerability. The post Second Wave of Attacks Hitting SAP NetWeaver After Zero-Day Compromise appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Second Wave of Attacks Hitting SAP NetWeaver After Zero-Day Compromise Read More »

Samsung MagicINFO Vulnerability Exploited Days After PoC Publication

exploited, IoT, IoT Security, MagicINFO, Samsung, Vulnerabilities /

Samsung MagicINFO Vulnerability Exploited Days After PoC Publication 2025-05-06 at 14:33 By Ionut Arghire Threat actors started exploiting a vulnerability in Samsung MagicINFO only days after a PoC exploit was published. The post Samsung MagicINFO Vulnerability Exploited Days After PoC Publication appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Samsung MagicINFO Vulnerability Exploited Days After PoC Publication Read More »

Critical Commvault Vulnerability in Attacker Crosshairs

Commvault, exploited, Vulnerabilities, vulnerability /

Critical Commvault Vulnerability in Attacker Crosshairs 2025-05-05 at 15:32 By Ionut Arghire CISA has flagged a critical-severity Commvault vulnerability as exploited one week after technical details were released. The post Critical Commvault Vulnerability in Attacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Critical Commvault Vulnerability in Attacker Crosshairs Read More »

PoC Published for Exploited SonicWall Vulnerabilities

CISA KEV, exploited, PoC, SonicWall, Vulnerabilities /

PoC Published for Exploited SonicWall Vulnerabilities 2025-05-05 at 13:06 By Ionut Arghire PoC code targeting two exploited SonicWall flaws was published just CISA added them to the KEV catalog. The post PoC Published for Exploited SonicWall Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

PoC Published for Exploited SonicWall Vulnerabilities Read More »

Why Microsoft Email Security Benefits from a Layered Approach

email security, Microsoft Security, Perspectives, Vulnerabilities /

Why Microsoft Email Security Benefits from a Layered Approach 2025-05-02 at 16:03 By Doug Olenick The best secure email gateways mimic the tried and true “defense in depth” cybersecurity strategy by using a layered approach, including advanced features that make effective use of AI. This article is an excerpt from Trustwave Blog View Original Source

React to this headline:

Loading spinner

Why Microsoft Email Security Benefits from a Layered Approach Read More »

A Deep-Rooted Infestation: How the ILOVEYOU Bug Continues its Legacy in Modern Worms

email security, Perspectives, Vulnerabilities /

A Deep-Rooted Infestation: How the ILOVEYOU Bug Continues its Legacy in Modern Worms 2025-05-02 at 16:03 By Pauline Bolaños A quarter century ago, a former computer science student from the Philippines accidentally unleashed one of the most destructive computer viruses in modern history. This article is an excerpt from SpiderLabs Blog View Original Source React

React to this headline:

Loading spinner

A Deep-Rooted Infestation: How the ILOVEYOU Bug Continues its Legacy in Modern Worms Read More »

Year of the Twin Dragons: Developers Must Slay the Complexity and Security Issues of AI Coding Tools

Artificial Intelligence, code, Development, Vulnerabilities /

Year of the Twin Dragons: Developers Must Slay the Complexity and Security Issues of AI Coding Tools 2025-05-01 at 16:01 By Mike Lennon The advantages AI tools deliver in speed and efficiency are impossible for developers to resist. But the complexity and risk created by AI-generated code can’t be ignored. The post Year of the

React to this headline:

Loading spinner

Year of the Twin Dragons: Developers Must Slay the Complexity and Security Issues of AI Coding Tools Read More »

More Details Come to Light on Commvault Vulnerability Exploitation

Commvault, exploited, Vulnerabilities, Zero-Day /

More Details Come to Light on Commvault Vulnerability Exploitation 2025-05-01 at 15:03 By Ionut Arghire Commvault has shared indicators of compromise associated with the exploitation of a vulnerability by state-sponsored hackers. The post More Details Come to Light on Commvault Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

More Details Come to Light on Commvault Vulnerability Exploitation Read More »

SonicWall Flags Two More Vulnerabilities as Exploited

exploited, SonicWall, Vulnerabilities, vulnerability /

SonicWall Flags Two More Vulnerabilities as Exploited 2025-05-01 at 13:01 By Ionut Arghire SonicWall has updated the advisories for two vulnerabilities to warn that they are being exploited in the wild. The post SonicWall Flags Two More Vulnerabilities as Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

SonicWall Flags Two More Vulnerabilities as Exploited Read More »

Tech Giants Propose Standard For End-of-Life Security Disclosures

Cisco, end-of-life, EOL, Management & Strategy, Microsoft, OASIS, OpenEoX, Risk Management, Vulnerabilities /

Tech Giants Propose Standard For End-of-Life Security Disclosures 2025-04-30 at 18:50 By Ryan Naraine The OpenEoX model proposes a shared data format that can be integrated into SBOMs, security advisories, and other ecosystem tools.  The post Tech Giants Propose Standard For End-of-Life Security Disclosures appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Tech Giants Propose Standard For End-of-Life Security Disclosures Read More »

Chrome 136, Firefox 138 Patch High-Severity Vulnerabilities

Chrome, Firefox, patch, Vulnerabilities /

Chrome 136, Firefox 138 Patch High-Severity Vulnerabilities 2025-04-30 at 11:04 By Ionut Arghire Chrome 136 and Firefox 138 were released in the stable channel with patches for multiple high-severity vulnerabilities. The post Chrome 136, Firefox 138 Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Chrome 136, Firefox 138 Patch High-Severity Vulnerabilities Read More »

Google Tracked 75 Zero-Days in 2024

exploit, Google, report, Vulnerabilities, Zero-Day /

Google Tracked 75 Zero-Days in 2024 2025-04-29 at 14:42 By Eduard Kovacs The number of exploited zero-days seen by Google in 2024 dropped to 75, from 98 observed in the previous year. The post Google Tracked 75 Zero-Days in 2024 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Google Tracked 75 Zero-Days in 2024 Read More »

Scroll to Top