MITRE Updates List of Most Common Hardware Weaknesses 2025-08-22 at 10:52 By Ionut Arghire MITRE has updated the list of Most Important Hardware Weaknesses to align it with evolving hardware security challenges. The post MITRE Updates List of Most Common Hardware Weaknesses appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original […]
MITRE Updates List of Most Common Hardware Weaknesses Read More »
Password Managers Vulnerable to Data Theft via Clickjacking 2025-08-21 at 15:18 By Eduard Kovacs A researcher has tested nearly a dozen password managers and found that they were all vulnerable to clickjacking attacks. The post Password Managers Vulnerable to Data Theft via Clickjacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View
Password Managers Vulnerable to Data Theft via Clickjacking Read More »
Apple Patches Zero-Day Exploited in Targeted Attacks 2025-08-21 at 13:21 By Ionut Arghire Apple has rolled out iOS and macOS updates that resolve a zero-day vulnerability exploited in highly targeted attacks. The post Apple Patches Zero-Day Exploited in Targeted Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Apple Patches Zero-Day Exploited in Targeted Attacks Read More »
Elastic Refutes Claims of Zero-Day in EDR Product 2025-08-20 at 17:08 By Ionut Arghire Elastic has found no evidence of a vulnerability leading to RCE after details and PoC of a Defend EDR bypass were published online. The post Elastic Refutes Claims of Zero-Day in EDR Product appeared first on SecurityWeek. This article is an
Elastic Refutes Claims of Zero-Day in EDR Product Read More »
High-Severity Vulnerabilities Patched in Chrome, Firefox 2025-08-20 at 11:19 By Ionut Arghire Google and Mozilla have released patches for multiple high-severity vulnerabilities affecting Chrome and Firefox. The post High-Severity Vulnerabilities Patched in Chrome, Firefox appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
High-Severity Vulnerabilities Patched in Chrome, Firefox Read More »
Intel Employee Data Exposed by Vulnerabilities 2025-08-20 at 10:18 By Eduard Kovacs A researcher said he found vulnerable internal services that exposed the information of 270,000 Intel employees. The post Intel Employee Data Exposed by Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Intel Employee Data Exposed by Vulnerabilities Read More »
New Exploit Poses Threat to SAP NetWeaver Instances 2025-08-19 at 15:59 By Ionut Arghire A new public exploit chains two critical flaws in SAP NetWeaver, exposing unpatched instances to code execution attacks. The post New Exploit Poses Threat to SAP NetWeaver Instances appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original
New Exploit Poses Threat to SAP NetWeaver Instances Read More »
Hundreds of N-able N-central Instances Affected by Exploited Vulnerabilities 2025-08-18 at 15:25 By Ionut Arghire More than 870 N-able N-central instances have not been patched against CVE-2025-8875 and CVE-2025-8876, two exploited vulnerabilities. The post Hundreds of N-able N-central Instances Affected by Exploited Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View
Hundreds of N-able N-central Instances Affected by Exploited Vulnerabilities Read More »
Watch Now: CodeSecCon – Where Software Security’s Next Chapter Unfolds (Virtual Event) 2025-08-16 at 16:58 By SecurityWeek News CodeSecCon is the premier virtual event bringing together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained. The post Watch Now: CodeSecCon – Where Software Security’s Next Chapter Unfolds (Virtual Event) appeared
Watch Now: CodeSecCon – Where Software Security’s Next Chapter Unfolds (Virtual Event) Read More »
Cisco Patches Critical Vulnerability in Firewall Management Platform 2025-08-15 at 10:48 By Eduard Kovacs Cisco has released over 20 advisories as part of its August 2025 bundled publication for ASA, FMC and FTD products. The post Cisco Patches Critical Vulnerability in Firewall Management Platform appeared first on SecurityWeek. This article is an excerpt from SecurityWeek
Cisco Patches Critical Vulnerability in Firewall Management Platform Read More »
Vulnerabilities in Xerox Print Orchestration Product Allow Remote Code Execution 2025-08-14 at 17:04 By Eduard Kovacs Path traversal and XXE injection flaws allowing unauthenticated remote code execution have been patched in Xerox FreeFlow Core. The post Vulnerabilities in Xerox Print Orchestration Product Allow Remote Code Execution appeared first on SecurityWeek. This article is an excerpt
Vulnerabilities in Xerox Print Orchestration Product Allow Remote Code Execution Read More »
CISA Warns of Attacks Exploiting N-able Vulnerabilities 2025-08-14 at 15:32 By Eduard Kovacs CISA reported becoming aware of attacks exploiting CVE-2025-8875 and CVE-2025-8876 in N-able N-central on the day they were patched. The post CISA Warns of Attacks Exploiting N-able Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
CISA Warns of Attacks Exploiting N-able Vulnerabilities Read More »
‘MadeYouReset’ HTTP2 Vulnerability Enables Massive DDoS Attacks 2025-08-14 at 14:31 By Eduard Kovacs The new DDoS attack vector, which involves HTTP/2 implementation flaws, has been compared to Rapid Reset. The post ‘MadeYouReset’ HTTP2 Vulnerability Enables Massive DDoS Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
‘MadeYouReset’ HTTP2 Vulnerability Enables Massive DDoS Attacks Read More »
When Hackers Call: Social Engineering, Abusing Brave Support, and EncryptHub’s Expanding Arsenal 2025-08-13 at 21:40 By Nathaniel Morales and Nikita Kazymirskyi Trustwave SpiderLabs researchers have recently identified an EncryptHub campaign that combines social engineering with abuse of the Brave Support platform to deliver malicious payloads via the CVE-2025-26633 vulnerability. In this blog post, we will
The Continuing Threat of Cyberattacks on Healthcare 2025-08-13 at 16:08 By Kory Daniels The current trends in healthcare technology adoption present an interesting dynamic. This article is an excerpt from Trustwave Blog View Original Source
The Continuing Threat of Cyberattacks on Healthcare Read More »
Chipmaker Patch Tuesday: Many Vulnerabilities Addressed by Intel, AMD, Nvidia 2025-08-13 at 15:35 By Eduard Kovacs Intel, AMD and Nvidia have published security advisories describing vulnerabilities found recently in their products. The post Chipmaker Patch Tuesday: Many Vulnerabilities Addressed by Intel, AMD, Nvidia appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View
Chipmaker Patch Tuesday: Many Vulnerabilities Addressed by Intel, AMD, Nvidia Read More »
Fortinet, Ivanti Release August 2025 Security Patches 2025-08-13 at 12:43 By Eduard Kovacs Fortinet and Ivanti have published new security advisories for their August 2025 Patch Tuesday updates. The post Fortinet, Ivanti Release August 2025 Security Patches appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Fortinet, Ivanti Release August 2025 Security Patches Read More »
Microsoft Patches Over 100 Vulnerabilities 2025-08-13 at 07:02 By Eduard Kovacs Microsoft’s August 2025 Patch Tuesday updates address critical vulnerabilities in Windows, Office, and Hyper-V. The post Microsoft Patches Over 100 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Microsoft Patches Over 100 Vulnerabilities Read More »
CodeSecCon Is Today: Where Software Security’s Next Chapter Unfolds (Virtual Event) 2025-08-12 at 15:35 By SecurityWeek News Taking place August 12-13, CodeSecCon is the premier virtual event bringing together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained. The post CodeSecCon Is Today: Where Software Security’s Next Chapter Unfolds (Virtual
CodeSecCon Is Today: Where Software Security’s Next Chapter Unfolds (Virtual Event) Read More »
SAP Patches Critical S/4HANA Vulnerability 2025-08-12 at 14:42 By Eduard Kovacs SAP has released 15 new security notes on the August 2025 Patch Tuesday, including for critical vulnerabilities. The post SAP Patches Critical S/4HANA Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
SAP Patches Critical S/4HANA Vulnerability Read More »