Vulnerabilities

Hackers Start Exploiting Critical Cisco ISE Vulnerabilities

Cisco, Cisco ISE, exploited, Vulnerabilities, vulnerability /

Hackers Start Exploiting Critical Cisco ISE Vulnerabilities 2025-07-23 at 12:27 By Ionut Arghire Cisco says it is aware of attempted exploitation of critical ISE vulnerabilities leading to unauthenticated remote code execution. The post Hackers Start Exploiting Critical Cisco ISE Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Hackers Start Exploiting Critical Cisco ISE Vulnerabilities Read More »

CISA Warns of SysAid Vulnerability Exploitation

CISA KEV, exploited, SysAid, Vulnerabilities /

CISA Warns of SysAid Vulnerability Exploitation 2025-07-23 at 12:27 By Eduard Kovacs CISA has added two recent SysAid vulnerabilities, CVE-2025-2776 and CVE-2025-2775, to its KEV catalog. The post CISA Warns of SysAid Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

CISA Warns of SysAid Vulnerability Exploitation Read More »

Vulnerabilities Expose Helmholz Industrial Routers to Hacking

Helmholz, ICS, ICS/OT, industrial router, OT, router, Vulnerabilities, vulnerability /

Vulnerabilities Expose Helmholz Industrial Routers to Hacking 2025-07-22 at 16:57 By Eduard Kovacs Several potentially serious vulnerabilities were recently found and patched in routers made by Germany-based industrial and automation solutions provider Helmholz. The existence of the security holes came to light last week, when Germany’s CERT@VDE published an advisory describing eight vulnerabilities discovered in

Vulnerabilities Expose Helmholz Industrial Routers to Hacking Read More »

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets

China, China APT, exploited, Featured, Malware & Threats, SharePoint, ToolShell, Vulnerabilities, Zero-Day /

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets 2025-07-22 at 11:44 By Eduard Kovacs More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the vulnerabilities. The post ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets appeared first on SecurityWeek.

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets Read More »

Travelling Through the Dark Web: Answering 6 Questions About Dark Web “Travel Agencies”

data breach, Emerging Threats, Security Research, Vulnerabilities /

Travelling Through the Dark Web: Answering 6 Questions About Dark Web “Travel Agencies” 2025-07-21 at 16:06 By Uncover how dark web “travel agencies” operate—from booking flights and hotels with stolen credentials to building customer-facing services that mimic legitimate platforms. Learn who uses dark web travel services and how unsuspecting consumers may get lured in through

Travelling Through the Dark Web: Answering 6 Questions About Dark Web “Travel Agencies” Read More »

Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers

exploited, SharePoint, ToolShell, Vulnerabilities, Zero-Day /

Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers 2025-07-21 at 12:50 By Eduard Kovacs Microsoft has started releasing updates to fix the exploited SharePoint zero-days tracked as CVE-2025-53770 and CVE-2025-53771. The post Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers Read More »

Exploited CrushFTP Zero-Day Provides Admin Access to Servers

CrushFTP, exploited, Vulnerabilities, Zero-Day /

Exploited CrushFTP Zero-Day Provides Admin Access to Servers 2025-07-21 at 10:46 By Ionut Arghire Hackers are exploiting a zero-day vulnerability in CrushFTP to gain administrative privileges on vulnerable servers via HTTPS. The post Exploited CrushFTP Zero-Day Provides Admin Access to Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Exploited CrushFTP Zero-Day Provides Admin Access to Servers Read More »

SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available

CVE-2025-53770, exploit, Featured, Microsoft, SharePoint, Threat Intelligence, Vulnerabilities, vulnerability /

SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available 2025-07-20 at 17:16 By Mike Lennon Enterprises running SharePoint servers should not wait for a fix for CVE-2025-53770 and should commence threat hunting to search for compromise immediately. The post SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the

SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available Read More »

Unmasking Malicious APKs: Android Malware Blending Click Fraud and Credential Theft

Emerging Threats, Security Research, Vulnerabilities /

Unmasking Malicious APKs: Android Malware Blending Click Fraud and Credential Theft 2025-07-18 at 16:06 By Serhii Melnyk Malicious APKs (Android Package Kit files) continue to serve as one of the most persistent and adaptable delivery mechanisms in mobile threat campaigns. Threat actors routinely exploit social engineering and off-market distribution to bypass conventional security controls and capitalize

Unmasking Malicious APKs: Android Malware Blending Click Fraud and Credential Theft Read More »

Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication

exploited, Fortinet, FortiWeb, Vulnerabilities /

Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication 2025-07-18 at 14:45 By Ionut Arghire Dozens of FortiWeb instances have been hacked after PoC targeting a recent critical vulnerability was shared publicly. The post Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication appeared first on SecurityWeek. This article is an excerpt from

Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication Read More »

CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable

Citrix, CitrixBleed 2, CitrixBleed2, exploited, Vulnerabilities /

CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable 2025-07-18 at 13:18 By Ionut Arghire The CitrixBleed 2 vulnerability in NetScaler may expose organizations to compromise even if patches have been applied. The post CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable appeared first on SecurityWeek. This article is an excerpt from

CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable Read More »

VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched

patch, Pwn2Own, VMWare, Vulnerabilities, vulnerability /

VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched 2025-07-17 at 12:32 By Eduard Kovacs Four CVEs disclosed at the Pwn2Own Berlin 2025 hacking competition have been patched in VMware products. The post VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched Read More »

Cisco Patches Another Critical ISE Vulnerability

Cisco, patch, Vulnerabilities, vulnerability /

Cisco Patches Another Critical ISE Vulnerability 2025-07-17 at 12:32 By Ionut Arghire Cisco has released patches for multiple vulnerabilities, including a critical flaw in Cisco ISE that leads to remote code execution (RCE). The post Cisco Patches Another Critical ISE Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Cisco Patches Another Critical ISE Vulnerability Read More »

Oracle Patches 200 Vulnerabilities With July 2025 CPU

Oracle, patch, Vulnerabilities, vulnerability /

Oracle Patches 200 Vulnerabilities With July 2025 CPU 2025-07-17 at 10:37 By Ionut Arghire Oracle’s July 2025 Critical Patch Update contains 309 security patches that address approximately 200 unique CVEs. The post Oracle Patches 200 Vulnerabilities With July 2025 CPU appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Oracle Patches 200 Vulnerabilities With July 2025 CPU Read More »

Google Says AI Agent Thwarted Exploitation of Critical Vulnerability 

AI, Artificial Intelligence, Big Sleep, SQLite, Vulnerabilities, vulnerability /

Google Says AI Agent Thwarted Exploitation of Critical Vulnerability  2025-07-16 at 14:47 By Eduard Kovacs Google refused to share any details on how its Big Sleep AI foiled efforts to exploit a SQLite vulnerability in the wild. The post Google Says AI Agent Thwarted Exploitation of Critical Vulnerability  appeared first on SecurityWeek. This article is

Google Says AI Agent Thwarted Exploitation of Critical Vulnerability  Read More »

Chrome Update Patches Fifth Zero-Day of 2025

Chrome, exploited, Vulnerabilities, Zero-Day /

Chrome Update Patches Fifth Zero-Day of 2025 2025-07-16 at 10:01 By Ionut Arghire Google has released a Chrome 138 security update that patches a zero-day, the fifth resolved in the browser this year. The post Chrome Update Patches Fifth Zero-Day of 2025 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Chrome Update Patches Fifth Zero-Day of 2025 Read More »

CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA

CISA KEV, Citrix, CitrixBleed 2, CitrixBleed2, exploited, Vulnerabilities /

CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA 2025-07-14 at 17:58 By Ionut Arghire CISA considers the recently disclosed CitrixBleed 2 vulnerability an unacceptable risk and has added it to the KEV catalog. The post CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA Read More »

Hackers Inject Malware Into Gravity Forms WordPress Plugin 

Malware, Vulnerabilities, WordPress, WordPress plugin /

Hackers Inject Malware Into Gravity Forms WordPress Plugin  2025-07-14 at 12:32 By Ionut Arghire Two Gravity Forms WordPress plugin versions available on the official download page were injected with malware in a supply chain attack. The post Hackers Inject Malware Into Gravity Forms WordPress Plugin  appeared first on SecurityWeek. This article is an excerpt from

Hackers Inject Malware Into Gravity Forms WordPress Plugin  Read More »

Critical Wing FTP Server Vulnerability Exploited

exploited, Vulnerabilities, vulnerability, Wing FTP server /

Critical Wing FTP Server Vulnerability Exploited 2025-07-11 at 12:32 By Ionut Arghire Wing FTP Server vulnerability CVE-2025-47812 can be exploited for arbitrary command execution with root or system privileges. The post Critical Wing FTP Server Vulnerability Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical Wing FTP Server Vulnerability Exploited Read More »

Rowhammer Attack Demonstrated Against Nvidia GPU

GPU, GPUHammer, NVIDIA, Rowhammer, Vulnerabilities /

Rowhammer Attack Demonstrated Against Nvidia GPU 2025-07-11 at 11:17 By Eduard Kovacs Researchers demonstrated GPUHammer — a Rowhammer attack against GPUs — by degrading the accuracy of machine learning models. The post Rowhammer Attack Demonstrated Against Nvidia GPU appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Rowhammer Attack Demonstrated Against Nvidia GPU Read More »

Scroll to Top