Vulnerabilities

SonicWall Patches Critical SMA 100 Vulnerability, Warns of Recent Malware Attack

Malware, SonicWall, Vulnerabilities, vulnerability /

SonicWall Patches Critical SMA 100 Vulnerability, Warns of Recent Malware Attack 2025-07-24 at 13:18 By Ionut Arghire SonicWall advises organizations to patch SMA 100 appliances and look for IoCs associated with Overstep malware attacks. The post SonicWall Patches Critical SMA 100 Vulnerability, Warns of Recent Malware Attack appeared first on SecurityWeek. This article is an […]

React to this headline:

Loading spinner

SonicWall Patches Critical SMA 100 Vulnerability, Warns of Recent Malware Attack Read More »

Critical Vulnerabilities Patched in Sophos Firewall

firewall, Network Security, Sophos, Vulnerabilities, vulnerability /

Critical Vulnerabilities Patched in Sophos Firewall 2025-07-23 at 14:35 By Ionut Arghire Sophos has patched five vulnerabilities in Sophos Firewall that could allow remote attackers to execute arbitrary code. The post Critical Vulnerabilities Patched in Sophos Firewall appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Critical Vulnerabilities Patched in Sophos Firewall Read More »

High-Severity Flaws Patched in Chrome, Firefox

Chrome, Firefox, patch, Vulnerabilities /

High-Severity Flaws Patched in Chrome, Firefox 2025-07-23 at 13:03 By Ionut Arghire Fresh security updates for Chrome and Firefox resolve multiple high-severity memory safety vulnerabilities. The post High-Severity Flaws Patched in Chrome, Firefox appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

High-Severity Flaws Patched in Chrome, Firefox Read More »

Hackers Start Exploiting Critical Cisco ISE Vulnerabilities

Cisco, Cisco ISE, exploited, Vulnerabilities, vulnerability /

Hackers Start Exploiting Critical Cisco ISE Vulnerabilities 2025-07-23 at 12:27 By Ionut Arghire Cisco says it is aware of attempted exploitation of critical ISE vulnerabilities leading to unauthenticated remote code execution. The post Hackers Start Exploiting Critical Cisco ISE Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Hackers Start Exploiting Critical Cisco ISE Vulnerabilities Read More »

CISA Warns of SysAid Vulnerability Exploitation

CISA KEV, exploited, SysAid, Vulnerabilities /

CISA Warns of SysAid Vulnerability Exploitation 2025-07-23 at 12:27 By Eduard Kovacs CISA has added two recent SysAid vulnerabilities, CVE-2025-2776 and CVE-2025-2775, to its KEV catalog. The post CISA Warns of SysAid Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

CISA Warns of SysAid Vulnerability Exploitation Read More »

Vulnerabilities Expose Helmholz Industrial Routers to Hacking

Helmholz, ICS, ICS/OT, industrial router, OT, router, Vulnerabilities, vulnerability /

Vulnerabilities Expose Helmholz Industrial Routers to Hacking 2025-07-22 at 16:57 By Eduard Kovacs Several potentially serious vulnerabilities were recently found and patched in routers made by Germany-based industrial and automation solutions provider Helmholz. The existence of the security holes came to light last week, when Germany’s CERT@VDE published an advisory describing eight vulnerabilities discovered in

React to this headline:

Loading spinner

Vulnerabilities Expose Helmholz Industrial Routers to Hacking Read More »

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets

China, China APT, exploited, Featured, Malware & Threats, SharePoint, ToolShell, Vulnerabilities, Zero-Day /

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets 2025-07-22 at 11:44 By Eduard Kovacs More details emerged on the ToolShell zero-day attacks targeting SharePoint servers, but confusion remains over the vulnerabilities. The post ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets appeared first on SecurityWeek.

React to this headline:

Loading spinner

ToolShell Zero-Day Attacks on SharePoint: First Wave Linked to China, Hit High-Value Targets Read More »

Travelling Through the Dark Web: Answering 6 Questions About Dark Web “Travel Agencies”

data breach, Emerging Threats, Security Research, Vulnerabilities /

Travelling Through the Dark Web: Answering 6 Questions About Dark Web “Travel Agencies” 2025-07-21 at 16:06 By Uncover how dark web “travel agencies” operate—from booking flights and hotels with stolen credentials to building customer-facing services that mimic legitimate platforms. Learn who uses dark web travel services and how unsuspecting consumers may get lured in through

React to this headline:

Loading spinner

Travelling Through the Dark Web: Answering 6 Questions About Dark Web “Travel Agencies” Read More »

Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers

exploited, SharePoint, ToolShell, Vulnerabilities, Zero-Day /

Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers 2025-07-21 at 12:50 By Eduard Kovacs Microsoft has started releasing updates to fix the exploited SharePoint zero-days tracked as CVE-2025-53770 and CVE-2025-53771. The post Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Microsoft Patches ‘ToolShell’ Zero-Days Exploited to Hack SharePoint Servers Read More »

Exploited CrushFTP Zero-Day Provides Admin Access to Servers

CrushFTP, exploited, Vulnerabilities, Zero-Day /

Exploited CrushFTP Zero-Day Provides Admin Access to Servers 2025-07-21 at 10:46 By Ionut Arghire Hackers are exploiting a zero-day vulnerability in CrushFTP to gain administrative privileges on vulnerable servers via HTTPS. The post Exploited CrushFTP Zero-Day Provides Admin Access to Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Exploited CrushFTP Zero-Day Provides Admin Access to Servers Read More »

SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available

CVE-2025-53770, exploit, Featured, Microsoft, SharePoint, Threat Intelligence, Vulnerabilities, vulnerability /

SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available 2025-07-20 at 17:16 By Mike Lennon Enterprises running SharePoint servers should not wait for a fix for CVE-2025-53770 and should commence threat hunting to search for compromise immediately. The post SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the

React to this headline:

Loading spinner

SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available Read More »

Unmasking Malicious APKs: Android Malware Blending Click Fraud and Credential Theft

Emerging Threats, Security Research, Vulnerabilities /

Unmasking Malicious APKs: Android Malware Blending Click Fraud and Credential Theft 2025-07-18 at 16:06 By Serhii Melnyk Malicious APKs (Android Package Kit files) continue to serve as one of the most persistent and adaptable delivery mechanisms in mobile threat campaigns. Threat actors routinely exploit social engineering and off-market distribution to bypass conventional security controls and capitalize

React to this headline:

Loading spinner

Unmasking Malicious APKs: Android Malware Blending Click Fraud and Credential Theft Read More »

Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication

exploited, Fortinet, FortiWeb, Vulnerabilities /

Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication 2025-07-18 at 14:45 By Ionut Arghire Dozens of FortiWeb instances have been hacked after PoC targeting a recent critical vulnerability was shared publicly. The post Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication Read More »

CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable

Citrix, CitrixBleed 2, CitrixBleed2, exploited, Vulnerabilities /

CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable 2025-07-18 at 13:18 By Ionut Arghire The CitrixBleed 2 vulnerability in NetScaler may expose organizations to compromise even if patches have been applied. The post CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable Read More »

Cisco Patches Another Critical ISE Vulnerability

Cisco, patch, Vulnerabilities, vulnerability /

Cisco Patches Another Critical ISE Vulnerability 2025-07-17 at 12:32 By Ionut Arghire Cisco has released patches for multiple vulnerabilities, including a critical flaw in Cisco ISE that leads to remote code execution (RCE). The post Cisco Patches Another Critical ISE Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Cisco Patches Another Critical ISE Vulnerability Read More »

VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched

patch, Pwn2Own, VMWare, Vulnerabilities, vulnerability /

VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched 2025-07-17 at 12:32 By Eduard Kovacs Four CVEs disclosed at the Pwn2Own Berlin 2025 hacking competition have been patched in VMware products. The post VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched Read More »

Oracle Patches 200 Vulnerabilities With July 2025 CPU

Oracle, patch, Vulnerabilities, vulnerability /

Oracle Patches 200 Vulnerabilities With July 2025 CPU 2025-07-17 at 10:37 By Ionut Arghire Oracle’s July 2025 Critical Patch Update contains 309 security patches that address approximately 200 unique CVEs. The post Oracle Patches 200 Vulnerabilities With July 2025 CPU appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Oracle Patches 200 Vulnerabilities With July 2025 CPU Read More »

Google Says AI Agent Thwarted Exploitation of Critical Vulnerability 

AI, Artificial Intelligence, Big Sleep, SQLite, Vulnerabilities, vulnerability /

Google Says AI Agent Thwarted Exploitation of Critical Vulnerability  2025-07-16 at 14:47 By Eduard Kovacs Google refused to share any details on how its Big Sleep AI foiled efforts to exploit a SQLite vulnerability in the wild. The post Google Says AI Agent Thwarted Exploitation of Critical Vulnerability  appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Google Says AI Agent Thwarted Exploitation of Critical Vulnerability  Read More »

Chrome Update Patches Fifth Zero-Day of 2025

Chrome, exploited, Vulnerabilities, Zero-Day /

Chrome Update Patches Fifth Zero-Day of 2025 2025-07-16 at 10:01 By Ionut Arghire Google has released a Chrome 138 security update that patches a zero-day, the fifth resolved in the browser this year. The post Chrome Update Patches Fifth Zero-Day of 2025 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Chrome Update Patches Fifth Zero-Day of 2025 Read More »

CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA

CISA KEV, Citrix, CitrixBleed 2, CitrixBleed2, exploited, Vulnerabilities /

CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA 2025-07-14 at 17:58 By Ionut Arghire CISA considers the recently disclosed CitrixBleed 2 vulnerability an unacceptable risk and has added it to the KEV catalog. The post CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA Read More »

Scroll to Top