Vulnerabilities

8,000 New WordPress Vulnerabilities Reported in 2024

2025-03-17 at 18:14, by Ionut Arghire. Nearly 8,000 new vulnerabilities affecting the WordPress ecosystem were reported last year, nearly all in plugins and themes. The post 8,000 New WordPress Vulnerabilities Reported in 2024 appeared first on SecurityWeek.

Nvidia Riva Vulnerabilities Allow Unauthorized Use of AI Services

2025-03-17 at 13:16, by Eduard Kovacs. Vulnerabilities in Nvidia Riva could allow hackers to abuse speech and translation AI services that are typically expensive. The post Nvidia Riva Vulnerabilities Allow Unauthorized Use of AI Services appeared first on SecurityWeek.

FreeType Zero-Day Being Exploited in the Wild

2025-03-13 at 19:24, by Ryan Naraine. Meta’s Facebook security team warns of live exploitation of a zero-day vulnerability in the open-source FreeType library. The post FreeType Zero-Day Being Exploited in the Wild appeared first on SecurityWeek.

Cisco Patches 10 Vulnerabilities in IOS XR

2025-03-13 at 18:02, by Ionut Arghire. Cisco has released patches for 10 vulnerabilities in IOS XR, including five denial-of-service (DoS) bugs. The post Cisco Patches 10 Vulnerabilities in IOS XR appeared first on SecurityWeek.

Challenges for Australian Manufacturers: Insights from the 2025 Trustwave Risk Radar Report

2025-03-13 at 17:48 By The Trustwave SpiderLabs research 2025 Trustwave Risk Radar Report: Manufacturing Sector takes a global view of the cybersecurity issues facing this vertical, but it’s also important to examine how and if different regions are specifically impacted.

Security Maturity Models: Leveraging Executive Risk Appetite for Your Secure Development Evolution

2025-03-13 at 13:49, by Matias Madou. Organizations can align their processes with one of two global industry standards for self-assessment and security maturity—BSIMM and OWASP SAMM.

How Managed Database Security Enhances Compliance, Privacy, and Threat Defense for the Financial Services Sector

2025-03-12 at 20:17 By Proactive Threat Defense for Financial Institutions: Trustwave’s DbProtect actively identifies sensitive data locations and analyzes potential threat vectors, enabling immediate security measures like enhanced access controls and vulnerability prioritization. Advanced Offensive Security Measures: Trustwave’s offensive security

Resurgence of a Fake Captcha Malware Campaign

2025-03-12 at 19:06, by Reegun Jayapaul. During an Advanced Continual Threat Hunt (ACTH) investigation in early February 2025, Trustwave SpiderLabs discovered a resurgence of fake CAPTCHA verifications designed to deceive victims into executing malicious PowerShell scripts. This campaign employs a multi-stage PowerShell execution process, ultimately delivering infostealers such as Lumma and

Zoom Patches 4 High-Severity Vulnerabilities

2025-03-12 at 17:04, by Eduard Kovacs. Zoom has patched five vulnerabilities in its applications, including four high-severity flaws. The post Zoom Patches 4 High-Severity Vulnerabilities appeared first on SecurityWeek.

Fortinet Patches 18 Vulnerabilities 

2025-03-12 at 14:52, by Eduard Kovacs. Fortinet has published 17 new advisories to inform customers about 18 vulnerabilities patched in its products. The post Fortinet Patches 18 Vulnerabilities appeared first on SecurityWeek.

Newly Patched Windows Zero-Day Exploited for Two Years

2025-03-12 at 14:18, by Ionut Arghire. Microsoft on Tuesday patched a zero-day vulnerability in the Windows Win32 kernel that has been exploited since March 2023. The post Newly Patched Windows Zero-Day Exploited for Two Years appeared first on SecurityWeek.

Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw

2025-03-11 at 21:16, by Ryan Naraine. Apple warns that the WebKit bug “may have been exploited in an extremely sophisticated attack against specific targeted individuals.” The post Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw appeared first on SecurityWeek.

Patch Tuesday: Microsoft Patches 57 Flaws, Flags Six Active Zero-Days 

2025-03-11 at 21:03, by Ryan Naraine. Redmond ships major security updates with warnings that a half-dozen Windows vulnerabilities have already been exploited in the wild. The post Patch Tuesday: Microsoft Patches 57 Flaws, Flags Six Active Zero-Days appeared first on SecurityWeek.

Patch Tuesday: Critical Code-Execution Bugs in Acrobat and Reader

2025-03-11 at 19:47, by Ryan Naraine. Adobe documents 35 security flaws in a wide range of products, including code-execution issues in the Acrobat and Reader applications. The post Patch Tuesday: Critical Code-Execution Bugs in Acrobat and Reader appeared first on SecurityWeek.

SAP Patches High-Severity Vulnerabilities in Commerce, NetWeaver

2025-03-11 at 15:00, by Ionut Arghire. SAP released 21 new security notes and updated three security notes on March 2025 security patch day. The post SAP Patches High-Severity Vulnerabilities in Commerce, NetWeaver appeared first on SecurityWeek.

CISA Warns of Ivanti EPM Vulnerability Exploitation

2025-03-11 at 13:45, by Ionut Arghire. CISA has added three critical-severity flaws in Ivanti EPM to its Known Exploited Vulnerabilities catalog. The post CISA Warns of Ivanti EPM Vulnerability Exploitation appeared first on SecurityWeek.

Google Paid Out $12 Million via Bug Bounty Programs in 2024

2025-03-10 at 14:18, by Ionut Arghire. In 2024, Google paid out nearly $12 million in bug bounties through its revamped vulnerability reward programs. The post Google Paid Out $12 Million via Bug Bounty Programs in 2024 appeared first on SecurityWeek.

In Other News: EntrySign AMD Flaw, Massive Attack Targets ISPs, ENISA Report

2025-03-07 at 19:02, by SecurityWeek News. Noteworthy stories that might have slipped under the radar: Google discloses AMD CPU flaw named EntrySign, ISPs in the US and China targeted in massive attack, ENISA report on NIS2 Directive.

Russian State Actors: Development in Group Attributions

2025-03-07 at 16:33, by Pawel Knapczyk and Nikita Kazymirskyi. This is the final installment of Trustwave SpiderLabs Russia-Ukraine digital battlefield series, which has spanned topics including the differences between Russia and Ukraine cyber actors, how government entities, defense organizations, and human targets were caught in the cyber crossfire,

A Deep Dive into Strela Stealer and how it Targets European Countries

2025-03-07 at 00:01, by Dawid Nesterowicz. Infostealers have dominated the malware landscape due to the ease of threat operations maintenance, and a wide group of potential victims. In this blog, we take a closer look at a unique infostealer designed to precisely target
