Vulnerabilities

Securing Healthcare’s Vulnerable Supply Chain

Securing Healthcare’s Vulnerable Supply Chain 2025-09-02 at 21:49 By Healthcare supply chains are increasingly vulnerable to cyber threats through third-party vendors, cloud services, and connected medical devices. Ransomware in healthcare can shut down critical systems, delay treatment, and endanger patient safety. Stronger cybersecurity standards, vendor risk management, and cross-border threat intelligence are vital to securing […]

React to this headline:

Loading spinner

Securing Healthcare’s Vulnerable Supply Chain Read More »

Sangoma Patches Critical Zero-Day Exploited to Hack FreePBX Servers

Sangoma Patches Critical Zero-Day Exploited to Hack FreePBX Servers 2025-09-02 at 21:18 By Ionut Arghire Tracked as CVE-2025-57819 (CVSS score of 10/10), the bug is described as an insufficient sanitization of user-supplied data. The post Sangoma Patches Critical Zero-Day Exploited to Hack FreePBX Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Sangoma Patches Critical Zero-Day Exploited to Hack FreePBX Servers Read More »

WhatsApp Zero-Day Exploited in Attacks Targeting Apple Users

WhatsApp Zero-Day Exploited in Attacks Targeting Apple Users 2025-09-02 at 14:48 By Ionut Arghire The vulnerability (CVE-2025-55177) was exploited along an iOS/macOS zero-day in suspected spyware attacks. The post WhatsApp Zero-Day Exploited in Attacks Targeting Apple Users appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

WhatsApp Zero-Day Exploited in Attacks Targeting Apple Users Read More »

Unraveling Phishing Campaigns Flagged by Trustwave’s URL Scanner

Unraveling Phishing Campaigns Flagged by Trustwave’s URL Scanner 2025-08-28 at 19:03 By Karla Agregado In recent months, Trustwave SpiderLabs, A LevelBlue Company, saw a significant increase in phishing URLs containing familiar patterns, similar phishing templates, and a resurgence in the use of email marketing platforms. The use of URL redirectors, along with the abuse of

React to this headline:

Loading spinner

Unraveling Phishing Campaigns Flagged by Trustwave’s URL Scanner Read More »

Hackers Target Popular Nx Build System in First AI-Weaponized Supply Chain Attack

Hackers Target Popular Nx Build System in First AI-Weaponized Supply Chain Attack 2025-08-28 at 13:55 By Ionut Arghire With more than 4 million weekly downloads, the Nx build platform became the first known supply chain breach where hackers weaponized AI assistants for data theft. The post Hackers Target Popular Nx Build System in First AI-Weaponized

React to this headline:

Loading spinner

Hackers Target Popular Nx Build System in First AI-Weaponized Supply Chain Attack Read More »

Citrix Patches Exploited NetScaler Zero-Day

Citrix Patches Exploited NetScaler Zero-Day 2025-08-27 at 14:51 By Ionut Arghire Zero-day exploited in the wild forces Citrix and CISA to push emergency patch deadlines for federal agencies. The post Citrix Patches Exploited NetScaler Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Citrix Patches Exploited NetScaler Zero-Day Read More »

Organizations Warned of Exploited Git Vulnerability

Organizations Warned of Exploited Git Vulnerability 2025-08-26 at 11:29 By Ionut Arghire CISA urges federal agencies to immediately patch an exploited arbitrary file write vulnerability in Git that leads to remote code execution. The post Organizations Warned of Exploited Git Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Organizations Warned of Exploited Git Vulnerability Read More »

The Next Level of Managed Vulnerability Scanning: Authenticated and Unauthenticated Scans

The Next Level of Managed Vulnerability Scanning: Authenticated and Unauthenticated Scans 2025-08-25 at 16:17 By Mary Eduel Neyra Trustwave, A LevelBlue Company, is a huge proponent of employing offensive security tactics to ensure a client is properly protected. This article is an excerpt from Trustwave Blog View Original Source React to this headline:

React to this headline:

Loading spinner

The Next Level of Managed Vulnerability Scanning: Authenticated and Unauthenticated Scans Read More »

MITRE Updates List of Most Common Hardware Weaknesses

MITRE Updates List of Most Common Hardware Weaknesses 2025-08-22 at 10:52 By Ionut Arghire MITRE has updated the list of Most Important Hardware Weaknesses to align it with evolving hardware security challenges. The post MITRE Updates List of Most Common Hardware Weaknesses appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

MITRE Updates List of Most Common Hardware Weaknesses Read More »

Password Managers Vulnerable to Data Theft via Clickjacking

Password Managers Vulnerable to Data Theft via Clickjacking 2025-08-21 at 15:18 By Eduard Kovacs A researcher has tested nearly a dozen password managers and found that they were all vulnerable to clickjacking attacks. The post Password Managers Vulnerable to Data Theft via Clickjacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Password Managers Vulnerable to Data Theft via Clickjacking Read More »

Apple Patches Zero-Day Exploited in Targeted Attacks

Apple Patches Zero-Day Exploited in Targeted Attacks 2025-08-21 at 13:21 By Ionut Arghire Apple has rolled out iOS and macOS updates that resolve a zero-day vulnerability exploited in highly targeted attacks. The post Apple Patches Zero-Day Exploited in Targeted Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Apple Patches Zero-Day Exploited in Targeted Attacks Read More »

Elastic Refutes Claims of Zero-Day in EDR Product

Elastic Refutes Claims of Zero-Day in EDR Product 2025-08-20 at 17:08 By Ionut Arghire Elastic has found no evidence of a vulnerability leading to RCE after details and PoC of a Defend EDR bypass were published online. The post Elastic Refutes Claims of Zero-Day in EDR Product appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Elastic Refutes Claims of Zero-Day in EDR Product Read More »

High-Severity Vulnerabilities Patched in Chrome, Firefox

High-Severity Vulnerabilities Patched in Chrome, Firefox 2025-08-20 at 11:19 By Ionut Arghire Google and Mozilla have released patches for multiple high-severity vulnerabilities affecting Chrome and Firefox. The post High-Severity Vulnerabilities Patched in Chrome, Firefox appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

High-Severity Vulnerabilities Patched in Chrome, Firefox Read More »

Intel Employee Data Exposed by Vulnerabilities

Intel Employee Data Exposed by Vulnerabilities 2025-08-20 at 10:18 By Eduard Kovacs A researcher said he found vulnerable internal services that exposed the information of 270,000 Intel employees.  The post Intel Employee Data Exposed by Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Intel Employee Data Exposed by Vulnerabilities Read More »

New Exploit Poses Threat to SAP NetWeaver Instances

New Exploit Poses Threat to SAP NetWeaver Instances 2025-08-19 at 15:59 By Ionut Arghire A new public exploit chains two critical flaws in SAP NetWeaver, exposing unpatched instances to code execution attacks. The post New Exploit Poses Threat to SAP NetWeaver Instances appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

New Exploit Poses Threat to SAP NetWeaver Instances Read More »

Hundreds of N-able N-central Instances Affected by Exploited Vulnerabilities

Hundreds of N-able N-central Instances Affected by Exploited Vulnerabilities 2025-08-18 at 15:25 By Ionut Arghire More than 870 N-able N-central instances have not been patched against CVE-2025-8875 and CVE-2025-8876, two exploited vulnerabilities. The post Hundreds of N-able N-central Instances Affected by Exploited Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Hundreds of N-able N-central Instances Affected by Exploited Vulnerabilities Read More »

Watch Now: CodeSecCon – Where Software Security’s Next Chapter Unfolds (Virtual Event)

Watch Now: CodeSecCon – Where Software Security’s Next Chapter Unfolds (Virtual Event) 2025-08-16 at 16:58 By SecurityWeek News CodeSecCon is the premier virtual event bringing together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained. The post Watch Now: CodeSecCon – Where Software Security’s Next Chapter Unfolds (Virtual Event) appeared

React to this headline:

Loading spinner

Watch Now: CodeSecCon – Where Software Security’s Next Chapter Unfolds (Virtual Event) Read More »

Cisco Patches Critical Vulnerability in Firewall Management Platform

Cisco Patches Critical Vulnerability in Firewall Management Platform 2025-08-15 at 10:48 By Eduard Kovacs Cisco has released over 20 advisories as part of its August 2025 bundled publication for ASA, FMC and FTD products. The post Cisco Patches Critical Vulnerability in Firewall Management Platform appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Cisco Patches Critical Vulnerability in Firewall Management Platform Read More »

Vulnerabilities in Xerox Print Orchestration Product Allow Remote Code Execution

Vulnerabilities in Xerox Print Orchestration Product Allow Remote Code Execution 2025-08-14 at 17:04 By Eduard Kovacs Path traversal and XXE injection flaws allowing unauthenticated remote code execution have been patched in Xerox FreeFlow Core.  The post Vulnerabilities in Xerox Print Orchestration Product Allow Remote Code Execution appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Vulnerabilities in Xerox Print Orchestration Product Allow Remote Code Execution Read More »

CISA Warns of Attacks Exploiting N-able Vulnerabilities

CISA Warns of Attacks Exploiting N-able Vulnerabilities 2025-08-14 at 15:32 By Eduard Kovacs CISA reported becoming aware of attacks exploiting CVE-2025-8875 and CVE-2025-8876 in N-able N-central on the day they were patched. The post CISA Warns of Attacks Exploiting N-able Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

CISA Warns of Attacks Exploiting N-able Vulnerabilities Read More »

Scroll to Top