Vulnerabilities

Hackers Earn Over $1 Million at Pwn2Own Berlin 2025

competition, exploit, Featured, Pwn2OPwn, Pwn2Own 2025, Vulnerabilities, vulnerability /

Hackers Earn Over $1 Million at Pwn2Own Berlin 2025 2025-05-19 at 12:02 By Eduard Kovacs Pwn2Own participants demonstrated exploits against VMs, AI, browsers, servers, containers, and operating systems. The post Hackers Earn Over $1 Million at Pwn2Own Berlin 2025 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to […]

React to this headline:

Loading spinner

Hackers Earn Over $1 Million at Pwn2Own Berlin 2025 Read More »

Guarding Against Dependency Attacks: Essential Strategies for Modern Application Development

Tips & Tricks, Vulnerabilities /

Guarding Against Dependency Attacks: Essential Strategies for Modern Application Development 2025-05-16 at 19:45 By Pauline Bolaños Dependency management is one of the biggest challenges in modern software development. This article is an excerpt from SpiderLabs Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Guarding Against Dependency Attacks: Essential Strategies for Modern Application Development Read More »

Hackers Win $260,000 on First Day of Pwn2Own Berlin 2025

AI, exploit, Pwn2Own, Pwn2Own 2025, Vulnerabilities /

Hackers Win $260,000 on First Day of Pwn2Own Berlin 2025 2025-05-16 at 10:31 By Eduard Kovacs Pwn2Own participants have earned tens of thousands of dollars for Red Hat, Windows, Oracle VirtualBox, Docker Desktop, and AI exploits. The post Hackers Win $260,000 on First Day of Pwn2Own Berlin 2025 appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Hackers Win $260,000 on First Day of Pwn2Own Berlin 2025 Read More »

Chrome 136 Update Patches Vulnerability With ‘Exploit in the Wild’

Chrome, exploited, PoC, Vulnerabilities, vulnerability /

Chrome 136 Update Patches Vulnerability With ‘Exploit in the Wild’ 2025-05-15 at 11:33 By Ionut Arghire Google has rolled out a Chrome 136 update that resolves a high-severity vulnerability for which a public exploit exists. The post Chrome 136 Update Patches Vulnerability With ‘Exploit in the Wild’ appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Chrome 136 Update Patches Vulnerability With ‘Exploit in the Wild’ Read More »

EU Cybersecurity Agency ENISA Launches European Vulnerability Database

ENISA, EU, EUVD, Vulnerabilities, vulnerability database, vulnerability management /

EU Cybersecurity Agency ENISA Launches European Vulnerability Database 2025-05-14 at 15:02 By Eduard Kovacs Experts say the European Vulnerability Database, or EUVD, should be a good resource, but only if ENISA manages to maintain it properly. The post EU Cybersecurity Agency ENISA Launches European Vulnerability Database appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

EU Cybersecurity Agency ENISA Launches European Vulnerability Database Read More »

Vulnerabilities Patched by Juniper, VMware and Zoom 

Juniper, Patch Tuesday, VMWare, Vulnerabilities, vulnerability, Zoom /

Vulnerabilities Patched by Juniper, VMware and Zoom  2025-05-14 at 13:46 By Ionut Arghire Juniper Networks, VMware, and Zoom have announced patches for dozens of vulnerabilities across their products. The post Vulnerabilities Patched by Juniper, VMware and Zoom  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Vulnerabilities Patched by Juniper, VMware and Zoom  Read More »

Fortinet Patches Zero-Day Exploited Against FortiVoice Appliances

exploited, Fortinet, Vulnerabilities, Zero-Day /

Fortinet Patches Zero-Day Exploited Against FortiVoice Appliances 2025-05-14 at 13:02 By Ionut Arghire Fortinet has patched a dozen vulnerabilities, including a critical flaw exploited in the wild against FortiVoice instances. The post Fortinet Patches Zero-Day Exploited Against FortiVoice Appliances appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Fortinet Patches Zero-Day Exploited Against FortiVoice Appliances Read More »

Ivanti Patches Two EPMM Zero-Days Exploited to Hack Customers

exploited, Featured, Ivanti, Vulnerabilities, vulnerability, Zero-Day /

Ivanti Patches Two EPMM Zero-Days Exploited to Hack Customers 2025-05-14 at 11:01 By Ionut Arghire Ivanti has released patches for two EPMM vulnerabilities that have been chained in the wild for remote code execution. The post Ivanti Patches Two EPMM Zero-Days Exploited to Hack Customers appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Ivanti Patches Two EPMM Zero-Days Exploited to Hack Customers Read More »

Adobe Patches Big Batch of Critical-Severity Software Flaws

Adobe, ColdFusion, Illustrator, Incident Response, Patch Tuesday, Photoshop, Vulnerabilities /

Adobe Patches Big Batch of Critical-Severity Software Flaws 2025-05-13 at 22:47 By Ryan Naraine Adobe Patch Tuesday headlined by a major Adobe ColdFusion update patching a wide swatch of code execution and privilege escalation attacks. The post Adobe Patches Big Batch of Critical-Severity Software Flaws appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Adobe Patches Big Batch of Critical-Severity Software Flaws Read More »

Zero-Day Attacks Highlight Another Busy Microsoft Patch Tuesday

CVE-2025-30397, CVE-2025-32706, CVE-2025-32709, Malware & Threats, Microsoft, Patch Tuesday, Vulnerabilities, Windows CLFS, Zero-Day /

Zero-Day Attacks Highlight Another Busy Microsoft Patch Tuesday 2025-05-13 at 21:16 By Ryan Naraine Patch Tuesday: Microsoft patches at least 70 security bugs and flagged five zero-days in the “exploitation detected” category. The post Zero-Day Attacks Highlight Another Busy Microsoft Patch Tuesday appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Zero-Day Attacks Highlight Another Busy Microsoft Patch Tuesday Read More »

SAP Patches Another Critical NetWeaver Vulnerability

SAP, Vulnerabilities, vulnerability /

SAP Patches Another Critical NetWeaver Vulnerability 2025-05-13 at 16:01 By Ionut Arghire SAP has released 16 new security notes on its May 2025 Security Patch Day, including a note dealing with another critical NetWeaver vulnerability. The post SAP Patches Another Critical NetWeaver Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

SAP Patches Another Critical NetWeaver Vulnerability Read More »

Radware Says Recently Disclosed WAF Bypasses Were Patched in 2023

firewall, Radware, security bypass, security product vulnerability, Vulnerabilities /

Radware Says Recently Disclosed WAF Bypasses Were Patched in 2023 2025-05-13 at 15:35 By Eduard Kovacs The Radware Cloud WAF product vulnerabilities disclosed by CERT/CC were addressed two years ago. The post Radware Says Recently Disclosed WAF Bypasses Were Patched in 2023 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Radware Says Recently Disclosed WAF Bypasses Were Patched in 2023 Read More »

Apple Patches Major Security Flaws in iOS, macOS Platforms

apple, Featured, iOS 18.5, iPadOS, macOS, Mobile & Wireless, Patch Tuesday, Vulnerabilities /

Apple Patches Major Security Flaws in iOS, macOS Platforms 2025-05-12 at 22:16 By Ryan Naraine Apple rolls out iOS and macOS platform updates to fix serious security bugs that could be triggered simply by opening an image or video file. The post Apple Patches Major Security Flaws in iOS, macOS Platforms appeared first on SecurityWeek.

React to this headline:

Loading spinner

Apple Patches Major Security Flaws in iOS, macOS Platforms Read More »

Asus DriverHub Vulnerabilities Expose Users to Remote Code Execution Attacks

Asus, Vulnerabilities, vulnerability /

Asus DriverHub Vulnerabilities Expose Users to Remote Code Execution Attacks 2025-05-12 at 14:30 By Ionut Arghire Two vulnerabilities in ASUS’s pre-installed software DriverHub can be exploited for remote code execution. The post Asus DriverHub Vulnerabilities Expose Users to Remote Code Execution Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Asus DriverHub Vulnerabilities Expose Users to Remote Code Execution Attacks Read More »

In Other News: India-Pakistan Cyberattacks, Radware Vulnerabilities, xAI Leak

In Other News, Vulnerabilities /

In Other News: India-Pakistan Cyberattacks, Radware Vulnerabilities, xAI Leak 2025-05-09 at 17:54 By Eduard Kovacs Noteworthy stories that might have slipped under the radar: surge in cyberattacks between India and Pakistan, Radware cloud WAF vulnerabilities, xAI key leak. The post In Other News: India-Pakistan Cyberattacks, Radware Vulnerabilities, xAI Leak appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

In Other News: India-Pakistan Cyberattacks, Radware Vulnerabilities, xAI Leak Read More »

SAP Zero-Day Targeted Since January, Many Sectors Impacted 

China, exploited, SAP, Vulnerabilities, Zero-Day /

SAP Zero-Day Targeted Since January, Many Sectors Impacted  2025-05-09 at 14:01 By Ionut Arghire Hundreds of SAP NetWeaver instances hacked via a zero-day that allows remote code execution, not only arbitrary file uploads, as initially believed. The post SAP Zero-Day Targeted Since January, Many Sectors Impacted  appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

SAP Zero-Day Targeted Since January, Many Sectors Impacted  Read More »

Possible Zero-Day Patched in SonicWall SMA Appliances

exploited, Featured, SMA, SonicWall, Vulnerabilities, vulnerability, Zero-Day /

Possible Zero-Day Patched in SonicWall SMA Appliances 2025-05-08 at 16:11 By Ionut Arghire SonicWall patches three SMA 100 vulnerabilities, including a potential zero-day, that could be chained to execute arbitrary code remotely. The post Possible Zero-Day Patched in SonicWall SMA Appliances appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Possible Zero-Day Patched in SonicWall SMA Appliances Read More »

Improperly Patched Samsung MagicINFO Vulnerability Exploited by Botnet

botnet, exploited, MagicINFO, Mirai, Vulnerabilities /

Improperly Patched Samsung MagicINFO Vulnerability Exploited by Botnet 2025-05-08 at 13:50 By Ionut Arghire The patches for an exploited Samsung MagicINFO vulnerability are ineffective and a Mirai botnet has started targeting it. The post Improperly Patched Samsung MagicINFO Vulnerability Exploited by Botnet appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Improperly Patched Samsung MagicINFO Vulnerability Exploited by Botnet Read More »

Cisco Patches 35 Vulnerabilities Across Several Products

Cisco, patch, Vulnerabilities /

Cisco Patches 35 Vulnerabilities Across Several Products 2025-05-08 at 13:01 By Ionut Arghire Cisco releases patches for 26 vulnerabilities in IOS and IOS XE software, including 17 critical- and high-severity bugs. The post Cisco Patches 35 Vulnerabilities Across Several Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Cisco Patches 35 Vulnerabilities Across Several Products Read More »

Dozens of SysAid Instances Vulnerable to Remote Hacking

PoC, SysAid, Vulnerabilities, vulnerability /

Dozens of SysAid Instances Vulnerable to Remote Hacking 2025-05-08 at 12:46 By Eduard Kovacs SysAid patches IT service management software vulnerabilities that can be chained for unauthenticated remote command execution.  The post Dozens of SysAid Instances Vulnerable to Remote Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Dozens of SysAid Instances Vulnerable to Remote Hacking Read More »

Scroll to Top