Vulnerabilities

Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks

ArcaneDoor, China, Cisco, exploited, Featured, firewall, Vulnerabilities, Zero-Day /

Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks 2025-09-26 at 10:20 By Ionut Arghire Leading to remote code execution and privilege escalation, the flaws were exploited on Cisco ASA 5500-X series devices that lack secure boot. The post Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks appeared first on SecurityWeek. This article is an excerpt […]

React to this headline:

Loading spinner

Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks Read More »

Cisco Patches Zero-Day Flaw Affecting Routers and Switches

Cisco, exploited, Featured, Network Security, router, Switch, Vulnerabilities, Zero-Day /

Cisco Patches Zero-Day Flaw Affecting Routers and Switches 2025-09-25 at 11:46 By Ionut Arghire The security defect allows remote attackers with administrative privileges to execute arbitrary code as the root user. The post Cisco Patches Zero-Day Flaw Affecting Routers and Switches appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Cisco Patches Zero-Day Flaw Affecting Routers and Switches Read More »

LevelBlue Spotlight Report Finds Manufacturers Struggling with the Impact of AI and Supply Chain Risk

Artificial Intelligence, Emerging Threats, Reports, Security Research, Vulnerabilities /

LevelBlue Spotlight Report Finds Manufacturers Struggling with the Impact of AI and Supply Chain Risk 2025-09-24 at 16:22 By LevelBlue’s newly released 2025 Spotlight Report: Cyber Resilience and Business Impact in Manufacturing, uncovered the different ways this sector has increased its understanding of the role cybersecurity must play moving forward, including the need to adopt

React to this headline:

Loading spinner

LevelBlue Spotlight Report Finds Manufacturers Struggling with the Impact of AI and Supply Chain Risk Read More »

GeoServer Flaw Exploited in US Federal Agency Hack

CISA, exploited, GeoServer, Vulnerabilities /

GeoServer Flaw Exploited in US Federal Agency Hack 2025-09-24 at 16:21 By Ionut Arghire The hackers remained undetected for three weeks, deploying China Chopper, remote access scripts, and reconnaissance tools. The post GeoServer Flaw Exploited in US Federal Agency Hack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

GeoServer Flaw Exploited in US Federal Agency Hack Read More »

Libraesva Email Security Gateway Vulnerability Exploited by Nation-State Hackers

email security, ESG, exploited, Libraesva, Vulnerabilities, vulnerability /

Libraesva Email Security Gateway Vulnerability Exploited by Nation-State Hackers 2025-09-24 at 12:10 By Ionut Arghire Tracked as CVE-2025-59689, the command injection bug could be triggered via malicious emails containing crafted compressed attachments. The post Libraesva Email Security Gateway Vulnerability Exploited by Nation-State Hackers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Libraesva Email Security Gateway Vulnerability Exploited by Nation-State Hackers Read More »

6 Steps to Counter Fourth-Party Supply Chain Vendor Attacks

data breach, Database Protection, Tips & Tricks, Vulnerabilities /

6 Steps to Counter Fourth-Party Supply Chain Vendor Attacks 2025-09-23 at 21:46 By Kory Daniels Managing a cybersecurity program is hard, but also very meaningful, work. This article is an excerpt from Trustwave Blog View Original Source React to this headline:

React to this headline:

Loading spinner

6 Steps to Counter Fourth-Party Supply Chain Vendor Attacks Read More »

SolarWinds Makes Third Attempt at Patching Exploited Vulnerability

exploited, Featured, patch, SolarWinds, Vulnerabilities, Web Help Desk /

SolarWinds Makes Third Attempt at Patching Exploited Vulnerability 2025-09-23 at 19:51 By Ionut Arghire CVE-2025-26399 is a patch bypass of CVE-2024-28988, which is a patch bypass of the exploited CVE-2024-28986. The post SolarWinds Makes Third Attempt at Patching Exploited Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

SolarWinds Makes Third Attempt at Patching Exploited Vulnerability Read More »

Top 25 MCP Vulnerabilities Reveal How AI Agents Can Be Exploited

agentic AI, AI, Artificial Intelligence, MCP, vulnerabiliites, Vulnerabilities /

Top 25 MCP Vulnerabilities Reveal How AI Agents Can Be Exploited 2025-09-23 at 15:43 By Kevin Townsend A new ranking of Model Context Protocol weaknesses highlights critical risks—from prompt injection to command injection—and provides a roadmap for securing the foundations of agentic AI. The post Top 25 MCP Vulnerabilities Reveal How AI Agents Can Be

React to this headline:

Loading spinner

Top 25 MCP Vulnerabilities Reveal How AI Agents Can Be Exploited Read More »

Fortra Patches Critical GoAnywhere MFT Vulnerability

Fortra, MFT, Vulnerabilities, vulnerability /

Fortra Patches Critical GoAnywhere MFT Vulnerability 2025-09-22 at 10:54 By Ionut Arghire Tracked as CVE-2025-10035 (CVSS score of 10), the critical deserialization vulnerability could be exploited for command injection. The post Fortra Patches Critical GoAnywhere MFT Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Fortra Patches Critical GoAnywhere MFT Vulnerability Read More »

Unpatched Vulnerabilities Expose Novakon HMIs to Remote Hacking

HMI, ICS, ICS/OT, OT, Vulnerabilities /

Unpatched Vulnerabilities Expose Novakon HMIs to Remote Hacking 2025-09-19 at 11:43 By Eduard Kovacs Novakon HMIs are affected by remote code execution and information exposure vulnerabilities.  The post Unpatched Vulnerabilities Expose Novakon HMIs to Remote Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Unpatched Vulnerabilities Expose Novakon HMIs to Remote Hacking Read More »

Chrome 140 Update Patches Sixth Zero-Day of 2025

Chrome, exploited, Vulnerabilities, Zero-Day /

Chrome 140 Update Patches Sixth Zero-Day of 2025 2025-09-18 at 11:10 By Ionut Arghire An exploited type confusion in the V8 JavaScript engine tracked as CVE-2025-10585 was found by Google Threat Analysis Group this week. The post Chrome 140 Update Patches Sixth Zero-Day of 2025 appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Chrome 140 Update Patches Sixth Zero-Day of 2025 Read More »

Storm-2603: Targeting SharePoint Vulnerabilities and Critical Infrastructure Worldwide

Emerging Threats, Security Research, Vulnerabilities /

Storm-2603: Targeting SharePoint Vulnerabilities and Critical Infrastructure Worldwide 2025-09-17 at 16:00 By Cris Tomboc The threat group Storm-2603 is actively exploiting Microsoft SharePoint vulnerabilities to gain unauthorized access to critical infrastructure worldwide. Their attacks use a specialized toolkit and have a dual motive: espionage and financial gain through deploying ransomware. This highlights the urgent need

React to this headline:

Loading spinner

Storm-2603: Targeting SharePoint Vulnerabilities and Critical Infrastructure Worldwide Read More »

From Shadow IT to Shadow AI: The Evolution of Unseen Risk

Artificial Intelligence, Emerging Threats, Vulnerabilities /

From Shadow IT to Shadow AI: The Evolution of Unseen Risk 2025-09-16 at 16:04 By Jon Spokes Security leaders are well acquainted with Shadow IT; the unsanctioned apps, services, and even devices employees adopt to bypass bureaucracy and accelerate productivity. This article is an excerpt from Trustwave Blog View Original Source React to this headline:

React to this headline:

Loading spinner

From Shadow IT to Shadow AI: The Evolution of Unseen Risk Read More »

Rowhammer Attack Demonstrated Against DDR5

DDR5, DRAM., Endpoint Security, research, Rowhammer, Vulnerabilities /

Rowhammer Attack Demonstrated Against DDR5 2025-09-16 at 14:41 By Ionut Arghire Researchers devise Phoenix, a new Rowhammer attack that achieves root on DDR5 systems in less than two minutes. The post Rowhammer Attack Demonstrated Against DDR5 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Rowhammer Attack Demonstrated Against DDR5 Read More »

Apple Rolls Out iOS 26, macOS Tahoe 26 With Patches for Over 50 Vulnerabilities

apple, Featured, iOS, iOS 26, macOS, macOS Tahoe, patch, Vulnerabilities /

Apple Rolls Out iOS 26, macOS Tahoe 26 With Patches for Over 50 Vulnerabilities 2025-09-16 at 11:54 By Ionut Arghire Apple has announced major mobile and desktop platform releases and addressed an exploited bug in older platforms. The post Apple Rolls Out iOS 26, macOS Tahoe 26 With Patches for Over 50 Vulnerabilities appeared first

React to this headline:

Loading spinner

Apple Rolls Out iOS 26, macOS Tahoe 26 With Patches for Over 50 Vulnerabilities Read More »

Payment System Vendor Took Year+ to Patch Infinite Card Top-Up Hack: Security Firm

Featured, hardware, KioSoft, MiFare, NFC, payment, Vulnerabilities, vulnerability /

Payment System Vendor Took Year+ to Patch Infinite Card Top-Up Hack: Security Firm 2025-09-12 at 11:47 By Eduard Kovacs KioSoft was notified about a serious NFC card vulnerability in 2023 and only recently claimed to have released a patch. The post Payment System Vendor Took Year+ to Patch Infinite Card Top-Up Hack: Security Firm appeared

React to this headline:

Loading spinner

Payment System Vendor Took Year+ to Patch Infinite Card Top-Up Hack: Security Firm Read More »

Cisco Patches High-Severity IOS XR Vulnerabilities

Cisco, Vulnerabilities /

Cisco Patches High-Severity IOS XR Vulnerabilities 2025-09-11 at 17:37 By Ionut Arghire High-severity flaws in IOS XR could lead to ISO image verification bypass and denial-of-service conditions. The post Cisco Patches High-Severity IOS XR Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Cisco Patches High-Severity IOS XR Vulnerabilities Read More »

Critical Chrome Vulnerability Earns Researcher $43,000

Chrome, patch, Vulnerabilities, vulnerability /

Critical Chrome Vulnerability Earns Researcher $43,000 2025-09-11 at 16:35 By Ionut Arghire Google patched a critical use-after-free vulnerability in Chrome that could potentially lead to code execution. The post Critical Chrome Vulnerability Earns Researcher $43,000 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Critical Chrome Vulnerability Earns Researcher $43,000 Read More »

Not All Cyberattacks Begin with a Phishing Attack, Hack or Exploited Vulnerability

data breach, Database Protection, Vulnerabilities /

Not All Cyberattacks Begin with a Phishing Attack, Hack or Exploited Vulnerability 2025-09-10 at 21:44 By The strongest cybersecurity strategy includes robust physical security, since not all cyberattacks begin with a hack. Physical security is a crucial yet often overlooked part of any organization’s defense-in-depth approach. Improve your physical security and cybersecurity posture with a

React to this headline:

Loading spinner

Not All Cyberattacks Begin with a Phishing Attack, Hack or Exploited Vulnerability Read More »

Scroll to Top