Vulnerabilities

SAP Patches Critical Code Injection Vulnerabilities

patch, SAP, Vulnerabilities, vulnerability /

SAP Patches Critical Code Injection Vulnerabilities 2025-04-08 at 16:29 By Ionut Arghire SAP released 20 security notes on April 2025 patch day, including three addressing critical code injection and authentication bypass flaws. The post SAP Patches Critical Code Injection Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

SAP Patches Critical Code Injection Vulnerabilities Read More »

WhatsApp Vulnerability Could Facilitate Remote Code Execution

Meta, MIME, Vulnerabilities, vulnerability, WhatsApp /

WhatsApp Vulnerability Could Facilitate Remote Code Execution 2025-04-08 at 16:29 By Eduard Kovacs An update for the WhatsApp desktop app for Windows patches CVE-2025-30401, a spoofing vulnerability that could be used to trick users. The post WhatsApp Vulnerability Could Facilitate Remote Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

WhatsApp Vulnerability Could Facilitate Remote Code Execution Read More »

ESET Vulnerability Exploited for Stealthy Malware Execution

ESET, exploited, ToddyCat, Vulnerabilities, vulnerability /

ESET Vulnerability Exploited for Stealthy Malware Execution 2025-04-08 at 15:32 By Ionut Arghire A sophisticated APT tracked as ToddyCat has exploited an ESET DLL search order hijacking vulnerability for malware delivery. The post ESET Vulnerability Exploited for Stealthy Malware Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

ESET Vulnerability Exploited for Stealthy Malware Execution Read More »

Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk

exploited, Ivanti, Vulnerabilities, vulnerability /

Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk 2025-04-08 at 13:58 By Ionut Arghire More than 5,000 Ivanti Connect Secure appliances are vulnerable to attacks exploiting CVE-2025-22457, which has been used by Chinese hackers. The post Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk appeared first on SecurityWeek. This article is an excerpt

Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk Read More »

Why Strong Usernames Matter for Your Online Security

Tips & Tricks, Vulnerabilities /

Why Strong Usernames Matter for Your Online Security 2025-04-07 at 16:02 By Damian Archer Protect Your Privacy: Using the same username across accounts can expose personal information and increase the risk of extortion and data theft. Reduce Breach Impact: Unique usernames, combined with strong passwords, minimize the chances of hackers accessing multiple accounts after a

Why Strong Usernames Matter for Your Online Security Read More »

NIST Puts Pre-2018 CVEs on Back Burner as It Works to Clear Backlog

backlog, CVE, NIST, NVD, Vulnerabilities /

NIST Puts Pre-2018 CVEs on Back Burner as It Works to Clear Backlog 2025-04-07 at 14:02 By Ionut Arghire NIST has marked pre-2018 CVEs in NVD as ‘Deferred’ and will no longer spend resources on enriching them. The post NIST Puts Pre-2018 CVEs on Back Burner as It Works to Clear Backlog appeared first on

NIST Puts Pre-2018 CVEs on Back Burner as It Works to Clear Backlog Read More »

Critical Apache Parquet Vulnerability Leads to Remote Code Execution

Apache Parquet, Vulnerabilities, vulnerability /

Critical Apache Parquet Vulnerability Leads to Remote Code Execution 2025-04-04 at 13:18 By Ionut Arghire A critical vulnerability in Apache Parquet can be exploited to execute arbitrary code remotely, leading to complete system compromise. The post Critical Apache Parquet Vulnerability Leads to Remote Code Execution appeared first on SecurityWeek. This article is an excerpt from

Critical Apache Parquet Vulnerability Leads to Remote Code Execution Read More »

Halo ITSM Vulnerability Exposed Organizations to Remote Hacking

Halo, HaloITSM, SQL injection, Vulnerabilities, vulnerability /

Halo ITSM Vulnerability Exposed Organizations to Remote Hacking 2025-04-03 at 18:46 By Eduard Kovacs An unauthenticated SQL injection vulnerability in Halo ITSM could have been exploited to read, modify, or insert data. The post Halo ITSM Vulnerability Exposed Organizations to Remote Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Halo ITSM Vulnerability Exposed Organizations to Remote Hacking Read More »

Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability 

CrushFTP, CVE, exploited, Featured, Vulnerabilities /

Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability  2025-04-03 at 13:31 By Eduard Kovacs Two CVEs now exist for an actively exploited CrushFTP vulnerability and much of the security industry is using the ‘wrong one’. The post Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability  appeared first on SecurityWeek. This article is an

Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability  Read More »

Vulnerabilities Expose Cisco Meraki and ECE Products to DoS Attacks

Cisco, patch, Vulnerabilities, vulnerability /

Vulnerabilities Expose Cisco Meraki and ECE Products to DoS Attacks 2025-04-03 at 13:06 By Ionut Arghire Cisco fixes two high-severity denial-of-service vulnerabilities in Meraki devices and Enterprise Chat and Email. The post Vulnerabilities Expose Cisco Meraki and ECE Products to DoS Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Vulnerabilities Expose Cisco Meraki and ECE Products to DoS Attacks Read More »

Google Released Second Fix for Quick Share Flaws After Patch Bypass

bypass, incomplete patch, patch, Quick Share, Vulnerabilities /

Google Released Second Fix for Quick Share Flaws After Patch Bypass 2025-04-03 at 12:06 By Ionut Arghire Google’s patches for Quick Share for Windows vulnerabilities leading to remote code execution were incomplete and could be easily bypassed. The post Google Released Second Fix for Quick Share Flaws After Patch Bypass appeared first on SecurityWeek. This

Google Released Second Fix for Quick Share Flaws After Patch Bypass Read More »

Google DeepMind Unveils Framework to Exploit AI’s Cyber Weaknesses

AI, Artificial Intelligence, DeepMind, Featured, Google, Vulnerabilities /

Google DeepMind Unveils Framework to Exploit AI’s Cyber Weaknesses 2025-04-02 at 16:47 By Kevin Townsend DeepMind found that current AI frameworks are ad hoc, not systematic, and fail to provide defenders with useful insights. The post Google DeepMind Unveils Framework to Exploit AI’s Cyber Weaknesses appeared first on SecurityWeek. This article is an excerpt from

Google DeepMind Unveils Framework to Exploit AI’s Cyber Weaknesses Read More »

Chrome 135, Firefox 137 Patch High-Severity Vulnerabilities

Chrome, Firefox, Vulnerabilities, vulnerability /

Chrome 135, Firefox 137 Patch High-Severity Vulnerabilities 2025-04-02 at 12:05 By Ionut Arghire Chrome 135 and Firefox 137 were released on Tuesday with fixes for several high-severity memory safety vulnerabilities. The post Chrome 135, Firefox 137 Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Chrome 135, Firefox 137 Patch High-Severity Vulnerabilities Read More »

Microsoft Using AI to Uncover Critical Bootloader Vulnerabilities

Artificial Intelligence, Barebox, bootloader, Copilot, Grub2, Microsoft, secure boot, U-boot, Vulnerabilities /

Microsoft Using AI to Uncover Critical Bootloader Vulnerabilities 2025-04-02 at 00:40 By Ryan Naraine Using the Security Copilot tool, Microsoft discovered 20 critical vulnerabilities in widely deployed open-source bootloaders. The post Microsoft Using AI to Uncover Critical Bootloader Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Microsoft Using AI to Uncover Critical Bootloader Vulnerabilities Read More »

Undocumented Remote Access Backdoor Found in Unitree Go1 Robot Dog

backdoor, China, CloudSail, Malware & Threats, Robotics, tunnel network, Unitree Go1, Vulnerabilities /

Undocumented Remote Access Backdoor Found in Unitree Go1 Robot Dog 2025-04-01 at 22:17 By Ryan Naraine The undocumented tunnel allows remote control all robot dogs on the tunnel network and use the vision cameras to see through their eyes. The post Undocumented Remote Access Backdoor Found in Unitree Go1 Robot Dog appeared first on SecurityWeek.

Undocumented Remote Access Backdoor Found in Unitree Go1 Robot Dog Read More »

Hackers Looking for Vulnerable Palo Alto Networks GlobalProtect Portals

Palo Alto Networks, scanning, Vulnerabilities, vulnerability /

Hackers Looking for Vulnerable Palo Alto Networks GlobalProtect Portals 2025-04-01 at 18:49 By Ionut Arghire GreyNoise warns of a coordinated effort probing the internet for potentially vulnerable Palo Alto Networks GlobalProtect instances. The post Hackers Looking for Vulnerable Palo Alto Networks GlobalProtect Portals appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Hackers Looking for Vulnerable Palo Alto Networks GlobalProtect Portals Read More »

Insider Threats: How Businesses Can Detect and Prevent Internal Cyber Risks

data breach, Database Protection, Vulnerabilities /

Insider Threats: How Businesses Can Detect and Prevent Internal Cyber Risks 2025-04-01 at 16:04 By Barry O’Connell Insider threats are on the rise—understand how both intentional and unintentional risks impact your cybersecurity strategy. 40% of companies reported more insider-related incidents —learn how to detect and prevent insider threats before they cause damage. Strengthen your insider threat defense with a

Insider Threats: How Businesses Can Detect and Prevent Internal Cyber Risks Read More »

Critical Vulnerability Found in Canon Printer Drivers

Canon, printer, Vulnerabilities, vulnerability /

Critical Vulnerability Found in Canon Printer Drivers 2025-04-01 at 14:55 By Eduard Kovacs Microsoft’s offensive security team warned Canon about a critical code execution vulnerability in printer drivers.  The post Critical Vulnerability Found in Canon Printer Drivers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical Vulnerability Found in Canon Printer Drivers Read More »

CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability

CrushFTP, exploited, Vulnerabilities, vulnerability /

CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability 2025-04-01 at 14:21 By Eduard Kovacs Shadowserver has started seeing exploitation attempts aimed at a CrushFTP vulnerability tracked as CVE-2025-2825 and CVE-2025-31161. The post CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability Read More »

Apple Patches Recent Zero-Days in Older iPhones

apple, exploited, iOS, macOS, patch, Vulnerabilities, Zero-Day /

Apple Patches Recent Zero-Days in Older iPhones 2025-04-01 at 13:39 By Ionut Arghire Apple has released a hefty round of security updates for its desktop and mobile products, patching two recent zero-days in older iPhone models. The post Apple Patches Recent Zero-Days in Older iPhones appeared first on SecurityWeek. This article is an excerpt from

Apple Patches Recent Zero-Days in Older iPhones Read More »

Scroll to Top