Vulnerabilities

Chrome 142 Update Patches Exploited Zero-Day

Chrome 142 Update Patches Exploited Zero-Day 2025-11-18 at 09:33 By Ionut Arghire The flaw was reported by Google’s Threat Analysis Group and was likely exploited by a commercial spyware vendor. The post Chrome 142 Update Patches Exploited Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Chrome 142 Update Patches Exploited Zero-Day Read More »

Widespread Exploitation of XWiki Vulnerability Observed

Widespread Exploitation of XWiki Vulnerability Observed 2025-11-17 at 13:06 By Ionut Arghire The exploitation of the recent XWiki vulnerability has expanded to botnets, cryptocurrency miners, scanners, and custom tools. The post Widespread Exploitation of XWiki Vulnerability Observed appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Widespread Exploitation of XWiki Vulnerability Observed Read More »

Fortinet Confirms Active Exploitation of Critical FortiWeb Vulnerability

Fortinet Confirms Active Exploitation of Critical FortiWeb Vulnerability 2025-11-14 at 23:49 By Ionut Arghire Security firms say the flaw has been actively exploited for weeks, even as Fortinet quietly shipped fixes and CISA added the bug to its KEV catalog. The post Fortinet Confirms Active Exploitation of Critical FortiWeb Vulnerability appeared first on SecurityWeek. This

Fortinet Confirms Active Exploitation of Critical FortiWeb Vulnerability Read More »

In Other News: Deepwatch Layoffs, macOS Vulnerability, Amazon AI Bug Bounty

In Other News: Deepwatch Layoffs, macOS Vulnerability, Amazon AI Bug Bounty 2025-11-14 at 17:38 By SecurityWeek News Other noteworthy stories that might have slipped under the radar: EchoGram attack undermines AI guardrails, Asahi brewer still crippled after ransomware attack, Sora 2 system prompt uncovered. The post In Other News: Deepwatch Layoffs, macOS Vulnerability, Amazon AI

In Other News: Deepwatch Layoffs, macOS Vulnerability, Amazon AI Bug Bounty Read More »

Imunify360 Vulnerability Could Expose Millions of Sites to Hacking

Imunify360 Vulnerability Could Expose Millions of Sites to Hacking 2025-11-14 at 15:22 By Eduard Kovacs A vulnerability in ImunifyAV can be exploited for arbitrary code execution by uploading a malicious file to shared servers. The post Imunify360 Vulnerability Could Expose Millions of Sites to Hacking appeared first on SecurityWeek. This article is an excerpt from

Imunify360 Vulnerability Could Expose Millions of Sites to Hacking Read More »

Microsoft Issues Emergency Patch for Windows Server Update Services RCE Vulnerability CVE-2025-59287

Microsoft Issues Emergency Patch for Windows Server Update Services RCE Vulnerability CVE-2025-59287 2025-11-14 at 15:10 By Fernando Martinez LevelBlue Labs is tracking a severe vulnerability in Windows Server Update Services (WSUS), CVE-2025-59287, that allows attackers to remotely execute code without authentication and is being exploited by threat actors to compromise vulnerable Windows Server users. This

Microsoft Issues Emergency Patch for Windows Server Update Services RCE Vulnerability CVE-2025-59287 Read More »

Art and Science: Cyber and Physical Security Convergence Deficiencies in the Louvre Heist

Art and Science: Cyber and Physical Security Convergence Deficiencies in the Louvre Heist 2025-11-14 at 15:06 By William Evers and Anthony Abell Cyber meets physical security: Weak passwords and outdated systems may have opened the door to the thieves. A warning for all industries: The Louvre incident shows why converging cybersecurity and physical security is

Art and Science: Cyber and Physical Security Convergence Deficiencies in the Louvre Heist Read More »

Critical WatchGuard Firebox Vulnerability Exploited in Attacks

Critical WatchGuard Firebox Vulnerability Exploited in Attacks 2025-11-13 at 14:40 By Ionut Arghire Tracked as CVE-2025-9242 (CVSS score of 9.3), the flaw leads to unauthenticated, remote code execution on vulnerable firewalls. The post Critical WatchGuard Firebox Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical WatchGuard Firebox Vulnerability Exploited in Attacks Read More »

Cisco ISE, CitrixBleed 2 Vulnerabilities Exploited as Zero-Days: Amazon

Cisco ISE, CitrixBleed 2 Vulnerabilities Exploited as Zero-Days: Amazon 2025-11-13 at 11:57 By Ionut Arghire Amazon has seen a threat actor exploiting CVE-2025-20337 and CVE-2025-5777, two critical Cisco and Citrix vulnerabilities, as zero-days. The post Cisco ISE, CitrixBleed 2 Vulnerabilities Exploited as Zero-Days: Amazon appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Cisco ISE, CitrixBleed 2 Vulnerabilities Exploited as Zero-Days: Amazon Read More »

Firefox 145 and Chrome 142 Patch High-Severity Flaws in Latest Releases

Firefox 145 and Chrome 142 Patch High-Severity Flaws in Latest Releases 2025-11-13 at 07:38 By Ionut Arghire Google and Mozilla have released fresh Chrome and Firefox updates that address multiple high-severity security defects. The post Firefox 145 and Chrome 142 Patch High-Severity Flaws in Latest Releases appeared first on SecurityWeek. This article is an excerpt

Firefox 145 and Chrome 142 Patch High-Severity Flaws in Latest Releases Read More »

Google Paid Out $458,000 at Live Hacking Event

Google Paid Out $458,000 at Live Hacking Event 2025-11-12 at 14:44 By Ionut Arghire Researchers submitted 107 bug reports during the bugSWAT hacking event at the ESCAL8 conference in New Mexico. The post Google Paid Out $458,000 at Live Hacking Event appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Google Paid Out $458,000 at Live Hacking Event Read More »

High-Severity Vulnerabilities Patched by Ivanti and Zoom

High-Severity Vulnerabilities Patched by Ivanti and Zoom 2025-11-12 at 14:44 By Ionut Arghire Ivanti and Zoom resolved security defects that could lead to arbitrary file writes, elevation of privilege, code execution, and information disclosure. The post High-Severity Vulnerabilities Patched by Ivanti and Zoom appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

High-Severity Vulnerabilities Patched by Ivanti and Zoom Read More »

Chipmaker Patch Tuesday: Over 60 Vulnerabilities Patched by Intel

Chipmaker Patch Tuesday: Over 60 Vulnerabilities Patched by Intel 2025-11-12 at 12:40 By Eduard Kovacs Intel, AMD and Nvidia have published security advisories describing vulnerabilities found recently in their products. The post Chipmaker Patch Tuesday: Over 60 Vulnerabilities Patched by Intel appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Chipmaker Patch Tuesday: Over 60 Vulnerabilities Patched by Intel Read More »

Tenzai Raises $75 Million in Seed Funding to Build AI-Powered Pentesting Platform

Tenzai Raises $75 Million in Seed Funding to Build AI-Powered Pentesting Platform 2025-11-11 at 23:07 By Mike Lennon Tel Aviv, Israel based Tenzai has developed an AI-driven platform for penetration testing, which it says can continuously identify and address vulnerabilities. The post Tenzai Raises $75 Million in Seed Funding to Build AI-Powered Pentesting Platform appeared first

Tenzai Raises $75 Million in Seed Funding to Build AI-Powered Pentesting Platform Read More »

Microsoft Patches Actively Exploited Windows Kernel Zero-Day

Microsoft Patches Actively Exploited Windows Kernel Zero-Day 2025-11-11 at 23:07 By Eduard Kovacs Microsoft’s latest Patch Tuesday updates address more than 60 vulnerabilities in Windows and other products. The post Microsoft Patches Actively Exploited Windows Kernel Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches Actively Exploited Windows Kernel Zero-Day Read More »

Critical Triofox Vulnerability Exploited in the Wild

Critical Triofox Vulnerability Exploited in the Wild 2025-11-11 at 17:38 By Ionut Arghire A threat actor has exploited the issue to create a new administrator account and then used the account to execute remote access tools. The post Critical Triofox Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from

Critical Triofox Vulnerability Exploited in the Wild Read More »

SAP Patches Critical Flaws in SQL Anywhere Monitor, Solution Manager

SAP Patches Critical Flaws in SQL Anywhere Monitor, Solution Manager 2025-11-11 at 16:59 By Ionut Arghire Hardcoded credentials in SQL Anywhere Monitor could allow attackers to execute arbitrary code on vulnerable deployments. The post SAP Patches Critical Flaws in SQL Anywhere Monitor, Solution Manager appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

SAP Patches Critical Flaws in SQL Anywhere Monitor, Solution Manager Read More »

QNAP Patches Vulnerabilities Exploited at Pwn2Own Ireland

QNAP Patches Vulnerabilities Exploited at Pwn2Own Ireland 2025-11-10 at 16:49 By Ionut Arghire Multiple vulnerabilities across QNAP’s portfolio could lead to remote code execution, information disclosure, and denial-of-service (DoS) conditions. The post QNAP Patches Vulnerabilities Exploited at Pwn2Own Ireland appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

QNAP Patches Vulnerabilities Exploited at Pwn2Own Ireland Read More »

Runc Vulnerabilities Can Be Exploited to Escape Containers

Runc Vulnerabilities Can Be Exploited to Escape Containers 2025-11-10 at 16:29 By Eduard Kovacs The flaws tracked as CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881 have been patched. The post Runc Vulnerabilities Can Be Exploited to Escape Containers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Runc Vulnerabilities Can Be Exploited to Escape Containers Read More »

Scroll to Top