Vulnerabilities

Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks

exploited, SAP, Vulnerabilities, Zero-Day /

Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks 2025-04-29 at 13:34 By Ionut Arghire More than 400 SAP NetWeaver servers are impacted by CVE-2025-31324, an exploited remote code execution vulnerability. The post Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek […]

React to this headline:

Loading spinner

Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks Read More »

CISA Warns of Exploited Broadcom, Commvault Vulnerabilities

Broadcom, CISA KEV, Commvault, exploited, Vulnerabilities /

CISA Warns of Exploited Broadcom, Commvault Vulnerabilities 2025-04-29 at 12:02 By Ionut Arghire CISA urges immediate patching for recently disclosed Broadcom, Commvault, and Qualitia vulnerabilities exploited in the wild. The post CISA Warns of Exploited Broadcom, Commvault Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

CISA Warns of Exploited Broadcom, Commvault Vulnerabilities Read More »

Craft CMS Zero-Day Exploited to Compromise Hundreds of Websites

CMS, Craft, exploited, Vulnerabilities, vulnerability, Zero-Day /

Craft CMS Zero-Day Exploited to Compromise Hundreds of Websites 2025-04-28 at 17:32 By Ionut Arghire Threat actors have exploited a zero-day vulnerability in Craft CMS to execute PHP code on hundreds of websites. The post Craft CMS Zero-Day Exploited to Compromise Hundreds of Websites appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Craft CMS Zero-Day Exploited to Compromise Hundreds of Websites Read More »

SAP Zero-Day Possibly Exploited by Initial Access Broker

exploited, Featured, initial access broker, SAP, Vulnerabilities, Zero-Day /

SAP Zero-Day Possibly Exploited by Initial Access Broker 2025-04-25 at 12:38 By Ionut Arghire A zero-day vulnerability in SAP NetWeaver potentially affects more than 10,000 internet-facing applications. The post SAP Zero-Day Possibly Exploited by Initial Access Broker appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

SAP Zero-Day Possibly Exploited by Initial Access Broker Read More »

Cisco Confirms Some Products Impacted by Critical Erlang/OTP Flaw

Cisco, Erlang OTP, Vulnerabilities, vulnerability /

Cisco Confirms Some Products Impacted by Critical Erlang/OTP Flaw 2025-04-24 at 13:03 By Eduard Kovacs Cisco is investigating the impact of the Erlang/OTP remote code execution vulnerability CVE-2025-32433 on its products. The post Cisco Confirms Some Products Impacted by Critical Erlang/OTP Flaw appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Cisco Confirms Some Products Impacted by Critical Erlang/OTP Flaw Read More »

Ethical Zero Day Marketplace Desired Effect Emerges From Stealth

exploit, Threat Intelligence, Vulnerabilities, Zero-Day /

Ethical Zero Day Marketplace Desired Effect Emerges From Stealth 2025-04-23 at 17:48 By Kevin Townsend Desired Effect provides an ethical vulnerability exchange marketplace to help defenders get ahead of attackers. The post Ethical Zero Day Marketplace Desired Effect Emerges From Stealth appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Ethical Zero Day Marketplace Desired Effect Emerges From Stealth Read More »

SSL.com Scrambles to Patch Certificate Issuance Vulnerability 

certificates, SSL.com, Vulnerabilities, vulnerability /

SSL.com Scrambles to Patch Certificate Issuance Vulnerability  2025-04-22 at 15:48 By Ionut Arghire A vulnerability in SSL.com has resulted in nearly a dozen certificates for legitimate domains being wrongly issued. The post SSL.com Scrambles to Patch Certificate Issuance Vulnerability  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

SSL.com Scrambles to Patch Certificate Issuance Vulnerability  Read More »

Agent In the Middle – Abusing Agent Cards in the Agent-2-Agent (A2A) Protocol To ‘Win’ All the Tasks

Artificial Intelligence, Tips & Tricks, Vulnerabilities /

Agent In the Middle – Abusing Agent Cards in the Agent-2-Agent (A2A) Protocol To ‘Win’ All the Tasks 2025-04-21 at 23:40 By Tom Neaves I think you’ll agree with me that growth in the AI landscape is pretty full-on at the moment. I go to sleep and wake up only to find more models have

React to this headline:

Loading spinner

Agent In the Middle – Abusing Agent Cards in the Agent-2-Agent (A2A) Protocol To ‘Win’ All the Tasks Read More »

Fresh Windows NTLM Vulnerability Exploited in Attacks

exploited, Featured, NTLM, Vulnerabilities, Windows /

Fresh Windows NTLM Vulnerability Exploited in Attacks 2025-04-18 at 11:30 By Ionut Arghire A Windows NTLM vulnerability patched in March has been exploited in attacks targeting government and private institutions. The post Fresh Windows NTLM Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Fresh Windows NTLM Vulnerability Exploited in Attacks Read More »

Vulnerabilities Patched in Atlassian, Cisco Products

Atlassian, Cisco, patch, Vulnerabilities, vulnerability /

Vulnerabilities Patched in Atlassian, Cisco Products 2025-04-17 at 16:52 By Ionut Arghire Atlassian and Cisco have released patches for multiple high-severity vulnerabilities, including remote code execution bugs. The post Vulnerabilities Patched in Atlassian, Cisco Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Vulnerabilities Patched in Atlassian, Cisco Products Read More »

Critical Erlang/OTP SSH Flaw Exposes Many Devices to Remote Hacking

Erlang OTP, SSH, Vulnerabilities, vulnerability /

Critical Erlang/OTP SSH Flaw Exposes Many Devices to Remote Hacking 2025-04-17 at 15:19 By Eduard Kovacs Servers exposed to complete takeover due to CVE-2025-32433, an unauthenticated remote code execution flaw in Erlang/OTP SSH. The post Critical Erlang/OTP SSH Flaw Exposes Many Devices to Remote Hacking appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Critical Erlang/OTP SSH Flaw Exposes Many Devices to Remote Hacking Read More »

SonicWall Flags Old Vulnerability as Actively Exploited

exploited, Featured, SMA, SonicWall, Vulnerabilities, vulnerability /

SonicWall Flags Old Vulnerability as Actively Exploited 2025-04-17 at 14:05 By Eduard Kovacs A SonicWall SMA 100 series vulnerability patched in 2021, which went unnoticed at the time of patching, is being exploited in the wild. The post SonicWall Flags Old Vulnerability as Actively Exploited appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

SonicWall Flags Old Vulnerability as Actively Exploited Read More »

Apple Quashes Two Zero-Days With iOS, MacOS Patches

apple, CVE-2025-31200, CVE-2025-31201, Featured, iOS 18.4.1, macOS, Malware & Threats, Vulnerabilities, Zero-Day /

Apple Quashes Two Zero-Days With iOS, MacOS Patches 2025-04-16 at 23:38 By Ryan Naraine The vulnerabilities are described as code execution and mitigation bypass issues that affect Apple’s iOS, iPadOS and macOS platforms. The post Apple Quashes Two Zero-Days With iOS, MacOS Patches appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Apple Quashes Two Zero-Days With iOS, MacOS Patches Read More »

MITRE CVE Program Gets Last-Hour Funding Reprieve

CISA, CVE, CVE Program, Featured, Government, MITRE, Vulnerabilities /

MITRE CVE Program Gets Last-Hour Funding Reprieve 2025-04-16 at 19:36 By Ryan Naraine The US government’s cybersecurity agency CISA has “executed the option period on the contract” to keep the vulnerability catalog operational. The post MITRE CVE Program Gets Last-Hour Funding Reprieve appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

MITRE CVE Program Gets Last-Hour Funding Reprieve Read More »

Critical Vulnerability Found in Apache Roller Blog Server

Apache Roller, Vulnerabilities, vulnerability /

Critical Vulnerability Found in Apache Roller Blog Server 2025-04-16 at 14:44 By Ionut Arghire A critical vulnerability in Apache Roller could be used to maintain persistent access by reusing older sessions even after password changes. The post Critical Vulnerability Found in Apache Roller Blog Server appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Critical Vulnerability Found in Apache Roller Blog Server Read More »

Chrome 135, Firefox 137 Updates Patch Severe Vulnerabilities

Chrome, Firefox, Vulnerabilities, vulnerability /

Chrome 135, Firefox 137 Updates Patch Severe Vulnerabilities 2025-04-16 at 14:01 By Ionut Arghire Chrome 135 and Firefox 137 updates have been rolled out with patches for critical- and high-severity vulnerabilities. The post Chrome 135, Firefox 137 Updates Patch Severe Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Chrome 135, Firefox 137 Updates Patch Severe Vulnerabilities Read More »

Oracle Patches 180 Vulnerabilities With April 2025 CPU

Oracle, patch, Vulnerabilities /

Oracle Patches 180 Vulnerabilities With April 2025 CPU 2025-04-16 at 14:01 By Ionut Arghire Oracle’s April 2025 Critical Patch Update contains 378 security patches that resolve approximately 180 unique CVEs. The post Oracle Patches 180 Vulnerabilities With April 2025 CPU appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Oracle Patches 180 Vulnerabilities With April 2025 CPU Read More »

MITRE Warns CVE Program Faces Disruption Amid US Funding Uncertainty

CVE, Featured, Government, MITRE, NIST, NVD, Vulnerabilities /

MITRE Warns CVE Program Faces Disruption Amid US Funding Uncertainty 2025-04-15 at 23:46 By Ryan Naraine MITRE warns of a deterioration of national vulnerability databases and advisories, slowed vendor reaction and limited response operations. The post MITRE Warns CVE Program Faces Disruption Amid US Funding Uncertainty appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

MITRE Warns CVE Program Faces Disruption Amid US Funding Uncertainty Read More »

Trend Micro Flags Incomplete Nvidia Patch That Leaves AI Containers Exposed

Artificial Intelligence, container escape, CVE-2024-0132, NVIDIA, Trend Micro, Vulnerabilities /

Trend Micro Flags Incomplete Nvidia Patch That Leaves AI Containers Exposed 2025-04-14 at 19:48 By Ryan Naraine Trend Micro researchers flagging problems with Nvidia’s patch for a critical, code execution vulnerability in the Nvidia Container Toolkit. The post Trend Micro Flags Incomplete Nvidia Patch That Leaves AI Containers Exposed appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Trend Micro Flags Incomplete Nvidia Patch That Leaves AI Containers Exposed Read More »

Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit

CVE-2022-42475, CVE-2023-27997, CVE-2024-21762, Fortinet, FortiOS, Malware & Threats, ThreatMon, Vulnerabilities /

Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit 2025-04-14 at 16:49 By Ionut Arghire A threat actor claims to offer a zero-day exploit for an unauthenticated remote code execution vulnerability in Fortinet firewalls. The post Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Threat Actor Allegedly Selling Fortinet Firewall Zero-Day Exploit Read More »

Scroll to Top