Vulnerabilities

Fortra Patches Critical GoAnywhere MFT Vulnerability

Fortra Patches Critical GoAnywhere MFT Vulnerability 2025-09-22 at 10:54 By Ionut Arghire Tracked as CVE-2025-10035 (CVSS score of 10), the critical deserialization vulnerability could be exploited for command injection. The post Fortra Patches Critical GoAnywhere MFT Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fortra Patches Critical GoAnywhere MFT Vulnerability Read More »

Unpatched Vulnerabilities Expose Novakon HMIs to Remote Hacking

Unpatched Vulnerabilities Expose Novakon HMIs to Remote Hacking 2025-09-19 at 11:43 By Eduard Kovacs Novakon HMIs are affected by remote code execution and information exposure vulnerabilities.  The post Unpatched Vulnerabilities Expose Novakon HMIs to Remote Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Unpatched Vulnerabilities Expose Novakon HMIs to Remote Hacking Read More »

Chrome 140 Update Patches Sixth Zero-Day of 2025

Chrome 140 Update Patches Sixth Zero-Day of 2025 2025-09-18 at 11:10 By Ionut Arghire An exploited type confusion in the V8 JavaScript engine tracked as CVE-2025-10585 was found by Google Threat Analysis Group this week. The post Chrome 140 Update Patches Sixth Zero-Day of 2025 appeared first on SecurityWeek. This article is an excerpt from

Chrome 140 Update Patches Sixth Zero-Day of 2025 Read More »

Storm-2603: Targeting SharePoint Vulnerabilities and Critical Infrastructure Worldwide

Storm-2603: Targeting SharePoint Vulnerabilities and Critical Infrastructure Worldwide 2025-09-17 at 16:00 By Cris Tomboc The threat group Storm-2603 is actively exploiting Microsoft SharePoint vulnerabilities to gain unauthorized access to critical infrastructure worldwide. Their attacks use a specialized toolkit and have a dual motive: espionage and financial gain through deploying ransomware. This highlights the urgent need

Storm-2603: Targeting SharePoint Vulnerabilities and Critical Infrastructure Worldwide Read More »

From Shadow IT to Shadow AI: The Evolution of Unseen Risk

From Shadow IT to Shadow AI: The Evolution of Unseen Risk 2025-09-16 at 16:04 By Jon Spokes Security leaders are well acquainted with Shadow IT; the unsanctioned apps, services, and even devices employees adopt to bypass bureaucracy and accelerate productivity. This article is an excerpt from Trustwave Blog View Original Source

From Shadow IT to Shadow AI: The Evolution of Unseen Risk Read More »

Rowhammer Attack Demonstrated Against DDR5

Rowhammer Attack Demonstrated Against DDR5 2025-09-16 at 14:41 By Ionut Arghire Researchers devise Phoenix, a new Rowhammer attack that achieves root on DDR5 systems in less than two minutes. The post Rowhammer Attack Demonstrated Against DDR5 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Rowhammer Attack Demonstrated Against DDR5 Read More »

Apple Rolls Out iOS 26, macOS Tahoe 26 With Patches for Over 50 Vulnerabilities

Apple Rolls Out iOS 26, macOS Tahoe 26 With Patches for Over 50 Vulnerabilities 2025-09-16 at 11:54 By Ionut Arghire Apple has announced major mobile and desktop platform releases and addressed an exploited bug in older platforms. The post Apple Rolls Out iOS 26, macOS Tahoe 26 With Patches for Over 50 Vulnerabilities appeared first

Apple Rolls Out iOS 26, macOS Tahoe 26 With Patches for Over 50 Vulnerabilities Read More »

Payment System Vendor Took Year+ to Patch Infinite Card Top-Up Hack: Security Firm

Payment System Vendor Took Year+ to Patch Infinite Card Top-Up Hack: Security Firm 2025-09-12 at 11:47 By Eduard Kovacs KioSoft was notified about a serious NFC card vulnerability in 2023 and only recently claimed to have released a patch. The post Payment System Vendor Took Year+ to Patch Infinite Card Top-Up Hack: Security Firm appeared

Payment System Vendor Took Year+ to Patch Infinite Card Top-Up Hack: Security Firm Read More »

Cisco Patches High-Severity IOS XR Vulnerabilities

Cisco Patches High-Severity IOS XR Vulnerabilities 2025-09-11 at 17:37 By Ionut Arghire High-severity flaws in IOS XR could lead to ISO image verification bypass and denial-of-service conditions. The post Cisco Patches High-Severity IOS XR Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Cisco Patches High-Severity IOS XR Vulnerabilities Read More »

Critical Chrome Vulnerability Earns Researcher $43,000

Critical Chrome Vulnerability Earns Researcher $43,000 2025-09-11 at 16:35 By Ionut Arghire Google patched a critical use-after-free vulnerability in Chrome that could potentially lead to code execution. The post Critical Chrome Vulnerability Earns Researcher $43,000 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical Chrome Vulnerability Earns Researcher $43,000 Read More »

Not All Cyberattacks Begin with a Phishing Attack, Hack or Exploited Vulnerability

Not All Cyberattacks Begin with a Phishing Attack, Hack or Exploited Vulnerability 2025-09-10 at 21:44 By The strongest cybersecurity strategy includes robust physical security, since not all cyberattacks begin with a hack. Physical security is a crucial yet often overlooked part of any organization’s defense-in-depth approach. Improve your physical security and cybersecurity posture with a

Not All Cyberattacks Begin with a Phishing Attack, Hack or Exploited Vulnerability Read More »

Fortinet, Ivanti, Nvidia Release Security Updates

Fortinet, Ivanti, Nvidia Release Security Updates 2025-09-10 at 13:52 By Ionut Arghire High-severity vulnerabilities could lead to remote code execution, privilege escalation, information disclosure, and configuration tampering. The post Fortinet, Ivanti, Nvidia Release Security Updates appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Fortinet, Ivanti, Nvidia Release Security Updates Read More »

Microsoft Patches 86 Vulnerabilities

Microsoft Patches 86 Vulnerabilities 2025-09-09 at 21:57 By Eduard Kovacs Microsoft has released patches for dozens of flaws in Windows and other products, including ones with ‘exploitation more likely’ rating. The post Microsoft Patches 86 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Patches 86 Vulnerabilities Read More »

Adobe Patches Critical ColdFusion and Commerce Vulnerabilities

Adobe Patches Critical ColdFusion and Commerce Vulnerabilities 2025-09-09 at 21:21 By Eduard Kovacs Adobe has patched nearly two dozen vulnerabilities across nine of its products with its September 2025 Patch Tuesday updates. The post Adobe Patches Critical ColdFusion and Commerce Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Adobe Patches Critical ColdFusion and Commerce Vulnerabilities Read More »

The Cost of Inaction: Securing the Energy Grid Before It’s Too Late

The Cost of Inaction: Securing the Energy Grid Before It’s Too Late 2025-09-09 at 21:13 By Kory Daniels Critical infrastructure is under attack. Cyber threats to the energy sector have surged by 80% in one year. The average data breach in the energy sector now costs companies over $5 million, significantly more than the cross-industry

The Cost of Inaction: Securing the Energy Grid Before It’s Too Late Read More »

SAP Patches Critical NetWeaver Vulnerabilities

SAP Patches Critical NetWeaver Vulnerabilities 2025-09-09 at 17:07 By Ionut Arghire The critical-severity NetWeaver flaws could be exploited for remote code execution and privilege escalation. The post SAP Patches Critical NetWeaver Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

SAP Patches Critical NetWeaver Vulnerabilities Read More »

Recent SAP S/4HANA Vulnerability Exploited in Attacks

Recent SAP S/4HANA Vulnerability Exploited in Attacks 2025-09-05 at 11:09 By Eduard Kovacs A critical SAP S/4HANA code injection flaw tracked as CVE-2025-42957 and allowing full system takeover has been exploited in the wild. The post Recent SAP S/4HANA Vulnerability Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Recent SAP S/4HANA Vulnerability Exploited in Attacks Read More »

Hackers Exploit Sitecore Zero-Day for Malware Delivery

Hackers Exploit Sitecore Zero-Day for Malware Delivery 2025-09-04 at 12:02 By Ionut Arghire Google has observed ViewState deserialization attacks leveraging a sample machine key exposed in older deployment guides. The post Hackers Exploit Sitecore Zero-Day for Malware Delivery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Hackers Exploit Sitecore Zero-Day for Malware Delivery Read More »

US Cybersecurity Agency Flags Wi-Fi Range Extender Vulnerability Under Active Attack

US Cybersecurity Agency Flags Wi-Fi Range Extender Vulnerability Under Active Attack 2025-09-03 at 22:15 By Ionut Arghire Flaw allows attackers to reset and hijack TP-Link TL-WA855RE devices; CISA urges users to retire discontinued extenders. The post US Cybersecurity Agency Flags Wi-Fi Range Extender Vulnerability Under Active Attack appeared first on SecurityWeek. This article is an

US Cybersecurity Agency Flags Wi-Fi Range Extender Vulnerability Under Active Attack Read More »

Google Patches High-Severity Chrome Vulnerability in Latest Update

Google Patches High-Severity Chrome Vulnerability in Latest Update 2025-09-03 at 17:40 By Ionut Arghire Chrome’s latest release addresses a high-severity use-after-free vulnerability in the V8 JavaScript engine that could be exploited for remote code execution. The post Google Patches High-Severity Chrome Vulnerability in Latest Update appeared first on SecurityWeek. This article is an excerpt from

Google Patches High-Severity Chrome Vulnerability in Latest Update Read More »

Scroll to Top