Vulnerabilities

Possible Zero-Day Patched in SonicWall SMA Appliances

exploited, Featured, SMA, SonicWall, Vulnerabilities, vulnerability, Zero-Day /

Possible Zero-Day Patched in SonicWall SMA Appliances 2025-05-08 at 16:11 By Ionut Arghire SonicWall patches three SMA 100 vulnerabilities, including a potential zero-day, that could be chained to execute arbitrary code remotely. The post Possible Zero-Day Patched in SonicWall SMA Appliances appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source […]

React to this headline:

Loading spinner

Possible Zero-Day Patched in SonicWall SMA Appliances Read More »

Improperly Patched Samsung MagicINFO Vulnerability Exploited by Botnet

botnet, exploited, MagicINFO, Mirai, Vulnerabilities /

Improperly Patched Samsung MagicINFO Vulnerability Exploited by Botnet 2025-05-08 at 13:50 By Ionut Arghire The patches for an exploited Samsung MagicINFO vulnerability are ineffective and a Mirai botnet has started targeting it. The post Improperly Patched Samsung MagicINFO Vulnerability Exploited by Botnet appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Improperly Patched Samsung MagicINFO Vulnerability Exploited by Botnet Read More »

Cisco Patches 35 Vulnerabilities Across Several Products

Cisco, patch, Vulnerabilities /

Cisco Patches 35 Vulnerabilities Across Several Products 2025-05-08 at 13:01 By Ionut Arghire Cisco releases patches for 26 vulnerabilities in IOS and IOS XE software, including 17 critical- and high-severity bugs. The post Cisco Patches 35 Vulnerabilities Across Several Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Cisco Patches 35 Vulnerabilities Across Several Products Read More »

Dozens of SysAid Instances Vulnerable to Remote Hacking

PoC, SysAid, Vulnerabilities, vulnerability /

Dozens of SysAid Instances Vulnerable to Remote Hacking 2025-05-08 at 12:46 By Eduard Kovacs SysAid patches IT service management software vulnerabilities that can be chained for unauthenticated remote command execution.  The post Dozens of SysAid Instances Vulnerable to Remote Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Dozens of SysAid Instances Vulnerable to Remote Hacking Read More »

Second OttoKit Vulnerability Exploited to Hack WordPress Sites

exploited, Vulnerabilities, WordPress, WordPress plugin /

Second OttoKit Vulnerability Exploited to Hack WordPress Sites 2025-05-07 at 12:16 By Ionut Arghire Threat actors are targeting a critical-severity vulnerability in the OttoKit WordPress plugin to gain administrative privileges. The post Second OttoKit Vulnerability Exploited to Hack WordPress Sites appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Second OttoKit Vulnerability Exploited to Hack WordPress Sites Read More »

Lights Out and Stalled Factories: Using M.A.T.R.I.X to Learn About Modbus Vulnerabilities

Emerging Threats, Security Research, Vulnerabilities /

Lights Out and Stalled Factories: Using M.A.T.R.I.X to Learn About Modbus Vulnerabilities 2025-05-06 at 18:47 By Karl Biron Let’s explore the critical role of Modbus in energy and manufacturing systems, then demonstrate real-world exploitation techniques using Docker-based simulations and the custom-built Python tool M.A.T.R.I.X. This article is an excerpt from SpiderLabs Blog View Original Source

React to this headline:

Loading spinner

Lights Out and Stalled Factories: Using M.A.T.R.I.X to Learn About Modbus Vulnerabilities Read More »

Second Wave of Attacks Hitting SAP NetWeaver After Zero-Day Compromise

exploited, SAP, Vulnerabilities, Zero-Day /

Second Wave of Attacks Hitting SAP NetWeaver After Zero-Day Compromise 2025-05-06 at 15:39 By Ionut Arghire Threat actors are revisiting SAP NetWeaver instances to leverage webshells deployed via a recent zero-day vulnerability. The post Second Wave of Attacks Hitting SAP NetWeaver After Zero-Day Compromise appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Second Wave of Attacks Hitting SAP NetWeaver After Zero-Day Compromise Read More »

Samsung MagicINFO Vulnerability Exploited Days After PoC Publication

exploited, IoT, IoT Security, MagicINFO, Samsung, Vulnerabilities /

Samsung MagicINFO Vulnerability Exploited Days After PoC Publication 2025-05-06 at 14:33 By Ionut Arghire Threat actors started exploiting a vulnerability in Samsung MagicINFO only days after a PoC exploit was published. The post Samsung MagicINFO Vulnerability Exploited Days After PoC Publication appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Samsung MagicINFO Vulnerability Exploited Days After PoC Publication Read More »

Critical Commvault Vulnerability in Attacker Crosshairs

Commvault, exploited, Vulnerabilities, vulnerability /

Critical Commvault Vulnerability in Attacker Crosshairs 2025-05-05 at 15:32 By Ionut Arghire CISA has flagged a critical-severity Commvault vulnerability as exploited one week after technical details were released. The post Critical Commvault Vulnerability in Attacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Critical Commvault Vulnerability in Attacker Crosshairs Read More »

PoC Published for Exploited SonicWall Vulnerabilities

CISA KEV, exploited, PoC, SonicWall, Vulnerabilities /

PoC Published for Exploited SonicWall Vulnerabilities 2025-05-05 at 13:06 By Ionut Arghire PoC code targeting two exploited SonicWall flaws was published just CISA added them to the KEV catalog. The post PoC Published for Exploited SonicWall Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

PoC Published for Exploited SonicWall Vulnerabilities Read More »

Why Microsoft Email Security Benefits from a Layered Approach

email security, Microsoft Security, Perspectives, Vulnerabilities /

Why Microsoft Email Security Benefits from a Layered Approach 2025-05-02 at 16:03 By Doug Olenick The best secure email gateways mimic the tried and true “defense in depth” cybersecurity strategy by using a layered approach, including advanced features that make effective use of AI. This article is an excerpt from Trustwave Blog View Original Source

React to this headline:

Loading spinner

Why Microsoft Email Security Benefits from a Layered Approach Read More »

A Deep-Rooted Infestation: How the ILOVEYOU Bug Continues its Legacy in Modern Worms

email security, Perspectives, Vulnerabilities /

A Deep-Rooted Infestation: How the ILOVEYOU Bug Continues its Legacy in Modern Worms 2025-05-02 at 16:03 By Pauline Bolaños A quarter century ago, a former computer science student from the Philippines accidentally unleashed one of the most destructive computer viruses in modern history. This article is an excerpt from SpiderLabs Blog View Original Source React

React to this headline:

Loading spinner

A Deep-Rooted Infestation: How the ILOVEYOU Bug Continues its Legacy in Modern Worms Read More »

Year of the Twin Dragons: Developers Must Slay the Complexity and Security Issues of AI Coding Tools

Artificial Intelligence, code, Development, Vulnerabilities /

Year of the Twin Dragons: Developers Must Slay the Complexity and Security Issues of AI Coding Tools 2025-05-01 at 16:01 By Mike Lennon The advantages AI tools deliver in speed and efficiency are impossible for developers to resist. But the complexity and risk created by AI-generated code can’t be ignored. The post Year of the

React to this headline:

Loading spinner

Year of the Twin Dragons: Developers Must Slay the Complexity and Security Issues of AI Coding Tools Read More »

More Details Come to Light on Commvault Vulnerability Exploitation

Commvault, exploited, Vulnerabilities, Zero-Day /

More Details Come to Light on Commvault Vulnerability Exploitation 2025-05-01 at 15:03 By Ionut Arghire Commvault has shared indicators of compromise associated with the exploitation of a vulnerability by state-sponsored hackers. The post More Details Come to Light on Commvault Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

More Details Come to Light on Commvault Vulnerability Exploitation Read More »

SonicWall Flags Two More Vulnerabilities as Exploited

exploited, SonicWall, Vulnerabilities, vulnerability /

SonicWall Flags Two More Vulnerabilities as Exploited 2025-05-01 at 13:01 By Ionut Arghire SonicWall has updated the advisories for two vulnerabilities to warn that they are being exploited in the wild. The post SonicWall Flags Two More Vulnerabilities as Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

SonicWall Flags Two More Vulnerabilities as Exploited Read More »

Tech Giants Propose Standard For End-of-Life Security Disclosures

Cisco, end-of-life, EOL, Management & Strategy, Microsoft, OASIS, OpenEoX, Risk Management, Vulnerabilities /

Tech Giants Propose Standard For End-of-Life Security Disclosures 2025-04-30 at 18:50 By Ryan Naraine The OpenEoX model proposes a shared data format that can be integrated into SBOMs, security advisories, and other ecosystem tools.  The post Tech Giants Propose Standard For End-of-Life Security Disclosures appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Tech Giants Propose Standard For End-of-Life Security Disclosures Read More »

Chrome 136, Firefox 138 Patch High-Severity Vulnerabilities

Chrome, Firefox, patch, Vulnerabilities /

Chrome 136, Firefox 138 Patch High-Severity Vulnerabilities 2025-04-30 at 11:04 By Ionut Arghire Chrome 136 and Firefox 138 were released in the stable channel with patches for multiple high-severity vulnerabilities. The post Chrome 136, Firefox 138 Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Chrome 136, Firefox 138 Patch High-Severity Vulnerabilities Read More »

Google Tracked 75 Zero-Days in 2024

exploit, Google, report, Vulnerabilities, Zero-Day /

Google Tracked 75 Zero-Days in 2024 2025-04-29 at 14:42 By Eduard Kovacs The number of exploited zero-days seen by Google in 2024 dropped to 75, from 98 observed in the previous year. The post Google Tracked 75 Zero-Days in 2024 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Google Tracked 75 Zero-Days in 2024 Read More »

Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks

exploited, SAP, Vulnerabilities, Zero-Day /

Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks 2025-04-29 at 13:34 By Ionut Arghire More than 400 SAP NetWeaver servers are impacted by CVE-2025-31324, an exploited remote code execution vulnerability. The post Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Exploited Vulnerability Exposes Over 400 SAP NetWeaver Servers to Attacks Read More »

CISA Warns of Exploited Broadcom, Commvault Vulnerabilities

Broadcom, CISA KEV, Commvault, exploited, Vulnerabilities /

CISA Warns of Exploited Broadcom, Commvault Vulnerabilities 2025-04-29 at 12:02 By Ionut Arghire CISA urges immediate patching for recently disclosed Broadcom, Commvault, and Qualitia vulnerabilities exploited in the wild. The post CISA Warns of Exploited Broadcom, Commvault Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

CISA Warns of Exploited Broadcom, Commvault Vulnerabilities Read More »

Scroll to Top