Vulnerabilities

Vulnerabilities Patched in Qualcomm, Mediatek Chipsets

MediaTek, Qualcomm, Vulnerabilities, vulnerability /

Vulnerabilities Patched in Qualcomm, Mediatek Chipsets 2025-03-04 at 14:54 By Ionut Arghire Chip makers Qualcomm and Mediatek have released patches for many vulnerabilities across their products. The post Vulnerabilities Patched in Qualcomm, Mediatek Chipsets appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Vulnerabilities Patched in Qualcomm, Mediatek Chipsets Read More »

Broadcom Patches 3 VMware Zero-Days Exploited in the Wild

exploited, Featured, VMWare, Vulnerabilities, vulnerability /

Broadcom Patches 3 VMware Zero-Days Exploited in the Wild 2025-03-04 at 14:22 By Eduard Kovacs Broadcom patched VMware zero-days CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226 after Microsoft warned it of exploitation. The post Broadcom Patches 3 VMware Zero-Days Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Broadcom Patches 3 VMware Zero-Days Exploited in the Wild Read More »

Google Patches Pair of Exploited Vulnerabilities in Android

Android, exploited, Mobile & Wireless, Vulnerabilities /

Google Patches Pair of Exploited Vulnerabilities in Android 2025-03-04 at 13:52 By Ionut Arghire Android’s March 2025 security update addresses over 40 vulnerabilities, including two actively exploited in the wild. The post Google Patches Pair of Exploited Vulnerabilities in Android appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Google Patches Pair of Exploited Vulnerabilities in Android Read More »

Exploitation Long Known for Most of CISA’s Latest KEV Additions

CISA KEV, exploited, Vulnerabilities, vulnerability /

Exploitation Long Known for Most of CISA’s Latest KEV Additions 2025-03-04 at 13:02 By Eduard Kovacs Exploitation has been known for months or years for most of the latest vulnerabilities added by CISA to its KEV catalog. The post Exploitation Long Known for Most of CISA’s Latest KEV Additions appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Exploitation Long Known for Most of CISA’s Latest KEV Additions Read More »

Vulnerable Paragon Driver Exploited in Ransomware Attacks

BYOVD, driver, privilege escalation, Ransomware, Vulnerabilities /

Vulnerable Paragon Driver Exploited in Ransomware Attacks 2025-03-03 at 14:04 By Ionut Arghire Ransomware operators exploit a vulnerable Paragon driver in BYOVD attacks to elevate privileges to System. The post Vulnerable Paragon Driver Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Vulnerable Paragon Driver Exploited in Ransomware Attacks Read More »

Amnesty Reveals Cellebrite Zero-Day Android Exploit on Serbian Student Activist

Amnesty International, Android, Cellebrite, Serbia, spyware, surveillance, Tracking & Law Enforcement, Vulnerabilities /

Amnesty Reveals Cellebrite Zero-Day Android Exploit on Serbian Student Activist 2025-02-28 at 23:02 By Ryan Naraine Amnesty International publishes technical details on zero-day vulnerabilities exploited by Cellebrite’s mobile forensic tools to spy on a Serbian student activist. The post Amnesty Reveals Cellebrite Zero-Day Android Exploit on Serbian Student Activist appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Amnesty Reveals Cellebrite Zero-Day Android Exploit on Serbian Student Activist Read More »

Trustwave SpiderLabs Insights: Cyberattack Methods Targeting Manufacturing

Reports, Threat Intelligence, Vulnerabilities /

Trustwave SpiderLabs Insights: Cyberattack Methods Targeting Manufacturing 2025-02-28 at 16:12 By When it comes to choosing a manufacturer to target for attack, threat groups have a healthy list of tools from which to choose. All of which are made more powerful due to this industry’s complex cybersecurity posture, driven by the increasing integration of IT/OT

React to this headline:

Loading spinner

Trustwave SpiderLabs Insights: Cyberattack Methods Targeting Manufacturing Read More »

Bridging the Gap: Why IT and OT Convergence is Reshaping Manufacturing

Reports, Threat Intelligence, Vulnerabilities /

Bridging the Gap: Why IT and OT Convergence is Reshaping Manufacturing 2025-02-27 at 16:02 By The line between Information Technology (IT) and Operational Technology (OT) has been blurring for years and what once were two distinct realms — IT managing data and networks, and OT controlling physical processes on the production floor — are now

React to this headline:

Loading spinner

Bridging the Gap: Why IT and OT Convergence is Reshaping Manufacturing Read More »

Sites of Major Orgs Abused in Spam Campaign Exploiting Virtual Tour Software Flaw

exploited, Krpano, vr, Vulnerabilities, XSS /

Sites of Major Orgs Abused in Spam Campaign Exploiting Virtual Tour Software Flaw 2025-02-27 at 15:22 By Eduard Kovacs The websites of dozens of major private and government organizations have been abused in a massive spam campaign that involves exploitation of a vulnerability affecting widely used virtual tour software. The attacks were observed recently by

React to this headline:

Loading spinner

Sites of Major Orgs Abused in Spam Campaign Exploiting Virtual Tour Software Flaw Read More »

Cisco Patches Vulnerabilities in Nexus Switches

Cisco, Vulnerabilities, vulnerability /

Cisco Patches Vulnerabilities in Nexus Switches 2025-02-27 at 14:03 By Eduard Kovacs Cisco has patched command injection and DoS vulnerabilities affecting some of its Nexus switches, including a high-severity flaw. The post Cisco Patches Vulnerabilities in Nexus Switches appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Cisco Patches Vulnerabilities in Nexus Switches Read More »

2025 Trustwave Risk Radar: Top Cyber Threats Facing Manufacturing

Reports, Threat Intelligence, Tips & Tricks, Vulnerabilities /

2025 Trustwave Risk Radar: Top Cyber Threats Facing Manufacturing 2025-02-26 at 16:06 By 2025 Trustwave Risk Radar Report Unveils Top Cyber Threats to Manufacturing: Discover the key cybersecurity challenges facing the manufacturing sector in 2025, including ransomware, phishing, and vulnerabilities in legacy systems and connected devices. Manufacturing Cybersecurity: IT/OT Convergence and Breach Methods Exposed: Explore two in-depth

React to this headline:

Loading spinner

2025 Trustwave Risk Radar: Top Cyber Threats Facing Manufacturing Read More »

2025 Trustwave Risk Radar Report: Top Cyber Threats Targeting the Manufacturing Sector

Reports, Threat Intelligence, Tips & Tricks, Vulnerabilities /

2025 Trustwave Risk Radar Report: Top Cyber Threats Targeting the Manufacturing Sector 2025-02-26 at 16:06 By 2025 Trustwave Risk Radar Report Unveils Top Cyber Threats to Manufacturing: Discover the key cybersecurity challenges facing the manufacturing sector in 2025, including ransomware, phishing, and vulnerabilities in legacy systems and connected devices. Manufacturing Cybersecurity: IT/OT Convergence and Breach Methods

React to this headline:

Loading spinner

2025 Trustwave Risk Radar Report: Top Cyber Threats Targeting the Manufacturing Sector Read More »

Attacks Against Government Entities, Defense Sector, and Human Targets

Government, Perspectives, Security Research, Vulnerabilities /

Attacks Against Government Entities, Defense Sector, and Human Targets 2025-02-25 at 17:08 By Pawel Knapczyk and Nikita Kazymirskyi In the first part of Trustwave SpiderLabs’ Russia-Ukraine war blog series, we gave a brief look at our major findings as well as the main differences between how Russia and Ukraine wage attacks in the digital frontlines. In

React to this headline:

Loading spinner

Attacks Against Government Entities, Defense Sector, and Human Targets Read More »

CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability

Agile PLM, CISA KEV, exploited, Oracle, Vulnerabilities /

CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability 2025-02-25 at 13:43 By Eduard Kovacs CISA has added CVE-2024-20953, an Oracle Agile PLM vulnerability patched in January 2024, to its KEV catalog.  The post CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability Read More »

Cisco Details ‘Salt Typhoon’ Network Hopping, Credential Theft Tactics

China, Cisco, Cisco Talos, CVE-2018-0171, Nation-State, Salt Typhoon, Vulnerabilities /

Cisco Details ‘Salt Typhoon’ Network Hopping, Credential Theft Tactics 2025-02-21 at 17:04 By Ryan Naraine Cisco Talos observed Chinese hackers team pivoting from a compromised device operated by one telecom to target a device in another telecom. The post Cisco Details ‘Salt Typhoon’ Network Hopping, Credential Theft Tactics appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Cisco Details ‘Salt Typhoon’ Network Hopping, Credential Theft Tactics Read More »

Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers

MongoDB, Vulnerabilities, vulnerability /

Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers 2025-02-21 at 15:21 By Ionut Arghire OPSWAT details two critical vulnerabilities in the Mongoose ODM library for MongoDB leading to remote code execution on the Node.js server. The post Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers Read More »

CISA Warns of Attacks Exploiting Craft CMS Vulnerability

CISA KEV, Craft, exploited, Vulnerabilities /

CISA Warns of Attacks Exploiting Craft CMS Vulnerability 2025-02-21 at 13:48 By Eduard Kovacs CISA has added a Craft CMS flaw tracked as CVE-2025-23209 to its Known Exploited Vulnerabilities (KEV) catalog. The post CISA Warns of Attacks Exploiting Craft CMS Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

CISA Warns of Attacks Exploiting Craft CMS Vulnerability Read More »

Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls

CISA KEV, exploited, Featured, firewall, Palo Alto Networks, Vulnerabilities /

Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls 2025-02-21 at 13:21 By Eduard Kovacs Palo Alto Networks is warning customers that a second vulnerability patched in February is being exploited in attacks. The post Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Second Recently Patched Flaw Exploited to Hack Palo Alto Firewalls Read More »

Three Years of Cyber Warfare: How Digital Attacks Have Shaped the Russia-Ukraine War

Database Protection, Vulnerabilities /

Three Years of Cyber Warfare: How Digital Attacks Have Shaped the Russia-Ukraine War 2025-02-21 at 00:01 By As the third anniversary of the start of the Russia-Ukraine war approaches, Trustwave SpiderLabs created a series of blog posts to look back, reflect upon, and explain how this 21st Century war is being fought not just on

React to this headline:

Loading spinner

Three Years of Cyber Warfare: How Digital Attacks Have Shaped the Russia-Ukraine War Read More »

Atlassian Patches Critical Vulnerabilities in Confluence, Crowd

Atlassian, patch, Vulnerabilities, vulnerability /

Atlassian Patches Critical Vulnerabilities in Confluence, Crowd 2025-02-20 at 15:40 By Ionut Arghire Atlassian has released patches for 12 critical- and high-severity vulnerabilities in Bamboo, Bitbucket, Confluence, Crowd, and Jira. The post Atlassian Patches Critical Vulnerabilities in Confluence, Crowd appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Atlassian Patches Critical Vulnerabilities in Confluence, Crowd Read More »

Scroll to Top