Vulnerabilities

CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA

CISA KEV, Citrix, CitrixBleed 2, CitrixBleed2, exploited, Vulnerabilities /

CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA 2025-07-14 at 17:58 By Ionut Arghire CISA considers the recently disclosed CitrixBleed 2 vulnerability an unacceptable risk and has added it to the KEV catalog. The post CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source […]

React to this headline:

Loading spinner

CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA Read More »

Hackers Inject Malware Into Gravity Forms WordPress Plugin 

Malware, Vulnerabilities, WordPress, WordPress plugin /

Hackers Inject Malware Into Gravity Forms WordPress Plugin  2025-07-14 at 12:32 By Ionut Arghire Two Gravity Forms WordPress plugin versions available on the official download page were injected with malware in a supply chain attack. The post Hackers Inject Malware Into Gravity Forms WordPress Plugin  appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Hackers Inject Malware Into Gravity Forms WordPress Plugin  Read More »

Critical Wing FTP Server Vulnerability Exploited

exploited, Vulnerabilities, vulnerability, Wing FTP server /

Critical Wing FTP Server Vulnerability Exploited 2025-07-11 at 12:32 By Ionut Arghire Wing FTP Server vulnerability CVE-2025-47812 can be exploited for arbitrary command execution with root or system privileges. The post Critical Wing FTP Server Vulnerability Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Critical Wing FTP Server Vulnerability Exploited Read More »

Rowhammer Attack Demonstrated Against Nvidia GPU

GPU, GPUHammer, NVIDIA, Rowhammer, Vulnerabilities /

Rowhammer Attack Demonstrated Against Nvidia GPU 2025-07-11 at 11:17 By Eduard Kovacs Researchers demonstrated GPUHammer — a Rowhammer attack against GPUs — by degrading the accuracy of machine learning models. The post Rowhammer Attack Demonstrated Against Nvidia GPU appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Rowhammer Attack Demonstrated Against Nvidia GPU Read More »

Ivanti, Fortinet, Splunk Release Security Updates

Fortinet, Ivanti, patch, Splunk, Vulnerabilities /

Ivanti, Fortinet, Splunk Release Security Updates 2025-07-09 at 11:38 By Ionut Arghire Ivanti, Fortinet, and Splunk have released patches for critical- and high-severity vulnerabilities in their products. The post Ivanti, Fortinet, Splunk Release Security Updates appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Ivanti, Fortinet, Splunk Release Security Updates Read More »

Microsoft Patches 130 Vulnerabilities for July 2025 Patch Tuesday

CVE-2025-49719, Microsoft, Patch Tuesday, Vulnerabilities /

Microsoft Patches 130 Vulnerabilities for July 2025 Patch Tuesday 2025-07-09 at 00:24 By Ionut Arghire Patch Tuesday July 2025: Microsoft rolled out fixes for 130 vulnerabilities, including a zero-day in SQL Server. The post Microsoft Patches 130 Vulnerabilities for July 2025 Patch Tuesday appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Microsoft Patches 130 Vulnerabilities for July 2025 Patch Tuesday Read More »

Adobe Patches Critical Code Execution Bugs

Adobe, Patch Tuesday, Vulnerabilities /

Adobe Patches Critical Code Execution Bugs 2025-07-09 at 00:24 By Ionut Arghire Adobe patches were also released for medium-severity flaws in After Effects, Audition, Dimension, Experience Manager Screens, FrameMaker, Illustrator, Substance 3D Stager, and Substance 3D Viewer. The post Adobe Patches Critical Code Execution Bugs appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Adobe Patches Critical Code Execution Bugs Read More »

SAP Patches Critical Flaws That Could Allow Remote Code Execution, Full System Takeover

SAP, Vulnerabilities /

SAP Patches Critical Flaws That Could Allow Remote Code Execution, Full System Takeover 2025-07-08 at 16:01 By Ionut Arghire SAP has released patches for multiple insecure deserialization vulnerabilities in NetWeaver that could lead to full system compromise. The post SAP Patches Critical Flaws That Could Allow Remote Code Execution, Full System Takeover appeared first on

React to this headline:

Loading spinner

SAP Patches Critical Flaws That Could Allow Remote Code Execution, Full System Takeover Read More »

Exploits, Technical Details Released for CitrixBleed2 Vulnerability

CitrixBleed2, CVE-2025-5777, Featured, Network Security, Vulnerabilities, vulnerability /

Exploits, Technical Details Released for CitrixBleed2 Vulnerability 2025-07-08 at 15:17 By Ionut Arghire Researchers released technical information and exploit code targeting a critical vulnerability (CVE-2025-5777) in Citrix NetScaler. The post Exploits, Technical Details Released for CitrixBleed2 Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Exploits, Technical Details Released for CitrixBleed2 Vulnerability Read More »

Grafana Patches Chromium Bugs, Including Zero-Day Exploited in the Wild

Vulnerabilities /

Grafana Patches Chromium Bugs, Including Zero-Day Exploited in the Wild 2025-07-07 at 21:51 By Ionut Arghire CVE-2025-6554 and three other Chromium vulnerabilities could allow attackers to execute code and corrupt memory remotely. The post Grafana Patches Chromium Bugs, Including Zero-Day Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Grafana Patches Chromium Bugs, Including Zero-Day Exploited in the Wild Read More »

The Breach Beyond the Runway: Cybercriminals Targeted Qantas Through a Trusted Partner

data breach, Database Protection, DFIR, News, Vulnerabilities /

The Breach Beyond the Runway: Cybercriminals Targeted Qantas Through a Trusted Partner 2025-07-04 at 15:34 By Nikita Kazymirskyi On July 3, 2025, Qantas confirmed in an update statement that a cyber incident had compromised data from one of its contact centers, following the detection of suspicious activity on June 30. The breach didn’t strike at the heart

React to this headline:

Loading spinner

The Breach Beyond the Runway: Cybercriminals Targeted Qantas Through a Trusted Partner Read More »

Cisco Warns of Hardcoded Credentials in Enterprise Software

Cisco, CVE-2025-20309, Network Security, Vulnerabilities /

Cisco Warns of Hardcoded Credentials in Enterprise Software 2025-07-03 at 14:32 By Ionut Arghire Hardcoded SSH credentials in Cisco Unified CM and Unified CM SME could allow attackers to execute commands as root. The post Cisco Warns of Hardcoded Credentials in Enterprise Software appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Cisco Warns of Hardcoded Credentials in Enterprise Software Read More »

Forminator WordPress Plugin Vulnerability Exposes 400,000 Websites to Takeover

Vulnerabilities, vulnerability, WordPress, WordPress plugin /

Forminator WordPress Plugin Vulnerability Exposes 400,000 Websites to Takeover 2025-07-02 at 13:18 By Ionut Arghire A vulnerability in the Forminator WordPress plugin allows attackers to delete arbitrary files and take over impacted websites. The post Forminator WordPress Plugin Vulnerability Exposes 400,000 Websites to Takeover appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Forminator WordPress Plugin Vulnerability Exposes 400,000 Websites to Takeover Read More »

CISA Warns of Two Exploited TeleMessage Vulnerabilities 

CISA KEV, exploited, TeleMessage, Vulnerabilities /

CISA Warns of Two Exploited TeleMessage Vulnerabilities  2025-07-02 at 12:02 By Ionut Arghire CISA says two more vulnerabilities in the messaging application TeleMessage TM SGNL have been exploited in the wild. The post CISA Warns of Two Exploited TeleMessage Vulnerabilities  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

CISA Warns of Two Exploited TeleMessage Vulnerabilities  Read More »

Thousands of Citrix NetScaler Instances Unpatched Against Exploited Vulnerabilities

Citrix, CitrixBleed 2, exploited, Vulnerabilities /

Thousands of Citrix NetScaler Instances Unpatched Against Exploited Vulnerabilities 2025-07-01 at 13:03 By Ionut Arghire Many Citrix NetScaler systems are exposed to attacks exploiting the vulnerabilities tracked as CVE-2025-5777 and CVE-2025-6543. The post Thousands of Citrix NetScaler Instances Unpatched Against Exploited Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Thousands of Citrix NetScaler Instances Unpatched Against Exploited Vulnerabilities Read More »

Chrome 138 Update Patches Zero-Day Vulnerability

Chrome, exploited, Vulnerabilities, Zero-Day /

Chrome 138 Update Patches Zero-Day Vulnerability 2025-07-01 at 10:02 By Ionut Arghire Google has released a Chrome 138 update that patches a high-severity vulnerability with an exploit in the wild. The post Chrome 138 Update Patches Zero-Day Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Chrome 138 Update Patches Zero-Day Vulnerability Read More »

Trustwave SpiderLabs Investigates the Dark Web’s Role in Supply Chain Attacks

Reports, Threat Intelligence, Vulnerabilities /

Trustwave SpiderLabs Investigates the Dark Web’s Role in Supply Chain Attacks 2025-06-27 at 16:04 By One of the most dangerous aspects of the dark web is that it provides like-minded threat actors a haven to gather, discuss, develop, and sell access to technology companies, which are often the first link in a supply chain attack.

React to this headline:

Loading spinner

Trustwave SpiderLabs Investigates the Dark Web’s Role in Supply Chain Attacks Read More »

Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability

Citrix, CitrixBleed 2, exploited, Featured, NetScaler, Vulnerabilities /

Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability 2025-06-27 at 12:13 By Eduard Kovacs The Citrix NetScaler vulnerability tracked as CitrixBleed 2 and CVE-2025–5777 may be exploited in the wild for initial access. The post Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Evidence Suggests Exploitation of CitrixBleed 2 Vulnerability Read More »

CISA Warns AMI BMC Vulnerability Exploited in the Wild

AMI, BMC, CISA KEV, exploited, Vulnerabilities /

CISA Warns AMI BMC Vulnerability Exploited in the Wild 2025-06-26 at 13:16 By Ionut Arghire CISA is urging federal agencies to patch a recent AMI BMC vulnerability and a half-a-decade-old bug in FortiOS by July 17. The post CISA Warns AMI BMC Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

CISA Warns AMI BMC Vulnerability Exploited in the Wild Read More »

Scroll to Top