Vulnerabilities

Defending Manufacturing: How Cybercriminals Are Targeting the Industry and How to Respond

Database Protection, Security Research, Vulnerabilities /

Defending Manufacturing: How Cybercriminals Are Targeting the Industry and How to Respond 2025-03-06 at 19:34 By Cyber Threats in Manufacturing: The 2025 Trustwave Risk Radar Report highlights how cybercriminals exploit vulnerabilities in manufacturing infrastructure, workers, and digital supply chains, with over 3,500 critical vulnerabilities listed on CISA’s KEV list. Top Manufacturing Cyber Risks: Attackers leverage high-profile exploits […]

React to this headline:

Loading spinner

Defending Manufacturing: How Cybercriminals Are Targeting the Industry and How to Respond Read More »

Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks

ESX, exploited, Featured, VMWare, Vulnerabilities, Zero-Day /

Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks 2025-03-06 at 12:03 By Eduard Kovacs Scans show that tens of thousands of VMware ESXi instances are affected by CVE-2025-22224 and other vulnerabilities disclosed recently as zero-days. The post Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks appeared first

React to this headline:

Loading spinner

Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks Read More »

The Russia-Ukraine Cyber War Part 3: Attacks on Telecom and Critical Infrastructure

Government, Security Research, Vulnerabilities /

The Russia-Ukraine Cyber War Part 3: Attacks on Telecom and Critical Infrastructure 2025-03-05 at 16:08 By Pawel Knapczyk and Nikita Kazymirskyi This post is the third part of our blog series that tackles the Russia-Ukraine war in the digital realm. This article is an excerpt from SpiderLabs Blog View Original Source React to this headline:

React to this headline:

Loading spinner

The Russia-Ukraine Cyber War Part 3: Attacks on Telecom and Critical Infrastructure Read More »

Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities

Chrome, Firefox, patch, Vulnerabilities, vulnerability /

Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities 2025-03-05 at 13:15 By Ionut Arghire Chrome 134 and Firefox 136 are rolling out across desktop and mobile with patches for multiple high-severity vulnerabilities. The post Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities Read More »

Vulnerabilities Patched in Qualcomm, Mediatek Chipsets

MediaTek, Qualcomm, Vulnerabilities, vulnerability /

Vulnerabilities Patched in Qualcomm, Mediatek Chipsets 2025-03-04 at 14:54 By Ionut Arghire Chip makers Qualcomm and Mediatek have released patches for many vulnerabilities across their products. The post Vulnerabilities Patched in Qualcomm, Mediatek Chipsets appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Vulnerabilities Patched in Qualcomm, Mediatek Chipsets Read More »

Broadcom Patches 3 VMware Zero-Days Exploited in the Wild

exploited, Featured, VMWare, Vulnerabilities, vulnerability /

Broadcom Patches 3 VMware Zero-Days Exploited in the Wild 2025-03-04 at 14:22 By Eduard Kovacs Broadcom patched VMware zero-days CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226 after Microsoft warned it of exploitation. The post Broadcom Patches 3 VMware Zero-Days Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Broadcom Patches 3 VMware Zero-Days Exploited in the Wild Read More »

Google Patches Pair of Exploited Vulnerabilities in Android

Android, exploited, Mobile & Wireless, Vulnerabilities /

Google Patches Pair of Exploited Vulnerabilities in Android 2025-03-04 at 13:52 By Ionut Arghire Android’s March 2025 security update addresses over 40 vulnerabilities, including two actively exploited in the wild. The post Google Patches Pair of Exploited Vulnerabilities in Android appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Google Patches Pair of Exploited Vulnerabilities in Android Read More »

Exploitation Long Known for Most of CISA’s Latest KEV Additions

CISA KEV, exploited, Vulnerabilities, vulnerability /

Exploitation Long Known for Most of CISA’s Latest KEV Additions 2025-03-04 at 13:02 By Eduard Kovacs Exploitation has been known for months or years for most of the latest vulnerabilities added by CISA to its KEV catalog. The post Exploitation Long Known for Most of CISA’s Latest KEV Additions appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Exploitation Long Known for Most of CISA’s Latest KEV Additions Read More »

Vulnerable Paragon Driver Exploited in Ransomware Attacks

BYOVD, driver, privilege escalation, Ransomware, Vulnerabilities /

Vulnerable Paragon Driver Exploited in Ransomware Attacks 2025-03-03 at 14:04 By Ionut Arghire Ransomware operators exploit a vulnerable Paragon driver in BYOVD attacks to elevate privileges to System. The post Vulnerable Paragon Driver Exploited in Ransomware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Vulnerable Paragon Driver Exploited in Ransomware Attacks Read More »

Amnesty Reveals Cellebrite Zero-Day Android Exploit on Serbian Student Activist

Amnesty International, Android, Cellebrite, Serbia, spyware, surveillance, Tracking & Law Enforcement, Vulnerabilities /

Amnesty Reveals Cellebrite Zero-Day Android Exploit on Serbian Student Activist 2025-02-28 at 23:02 By Ryan Naraine Amnesty International publishes technical details on zero-day vulnerabilities exploited by Cellebrite’s mobile forensic tools to spy on a Serbian student activist. The post Amnesty Reveals Cellebrite Zero-Day Android Exploit on Serbian Student Activist appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Amnesty Reveals Cellebrite Zero-Day Android Exploit on Serbian Student Activist Read More »

Trustwave SpiderLabs Insights: Cyberattack Methods Targeting Manufacturing

Reports, Threat Intelligence, Vulnerabilities /

Trustwave SpiderLabs Insights: Cyberattack Methods Targeting Manufacturing 2025-02-28 at 16:12 By When it comes to choosing a manufacturer to target for attack, threat groups have a healthy list of tools from which to choose. All of which are made more powerful due to this industry’s complex cybersecurity posture, driven by the increasing integration of IT/OT

React to this headline:

Loading spinner

Trustwave SpiderLabs Insights: Cyberattack Methods Targeting Manufacturing Read More »

Bridging the Gap: Why IT and OT Convergence is Reshaping Manufacturing

Reports, Threat Intelligence, Vulnerabilities /

Bridging the Gap: Why IT and OT Convergence is Reshaping Manufacturing 2025-02-27 at 16:02 By The line between Information Technology (IT) and Operational Technology (OT) has been blurring for years and what once were two distinct realms — IT managing data and networks, and OT controlling physical processes on the production floor — are now

React to this headline:

Loading spinner

Bridging the Gap: Why IT and OT Convergence is Reshaping Manufacturing Read More »

Sites of Major Orgs Abused in Spam Campaign Exploiting Virtual Tour Software Flaw

exploited, Krpano, vr, Vulnerabilities, XSS /

Sites of Major Orgs Abused in Spam Campaign Exploiting Virtual Tour Software Flaw 2025-02-27 at 15:22 By Eduard Kovacs The websites of dozens of major private and government organizations have been abused in a massive spam campaign that involves exploitation of a vulnerability affecting widely used virtual tour software. The attacks were observed recently by

React to this headline:

Loading spinner

Sites of Major Orgs Abused in Spam Campaign Exploiting Virtual Tour Software Flaw Read More »

Cisco Patches Vulnerabilities in Nexus Switches

Cisco, Vulnerabilities, vulnerability /

Cisco Patches Vulnerabilities in Nexus Switches 2025-02-27 at 14:03 By Eduard Kovacs Cisco has patched command injection and DoS vulnerabilities affecting some of its Nexus switches, including a high-severity flaw. The post Cisco Patches Vulnerabilities in Nexus Switches appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Cisco Patches Vulnerabilities in Nexus Switches Read More »

2025 Trustwave Risk Radar: Top Cyber Threats Facing Manufacturing

Reports, Threat Intelligence, Tips & Tricks, Vulnerabilities /

2025 Trustwave Risk Radar: Top Cyber Threats Facing Manufacturing 2025-02-26 at 16:06 By 2025 Trustwave Risk Radar Report Unveils Top Cyber Threats to Manufacturing: Discover the key cybersecurity challenges facing the manufacturing sector in 2025, including ransomware, phishing, and vulnerabilities in legacy systems and connected devices. Manufacturing Cybersecurity: IT/OT Convergence and Breach Methods Exposed: Explore two in-depth

React to this headline:

Loading spinner

2025 Trustwave Risk Radar: Top Cyber Threats Facing Manufacturing Read More »

2025 Trustwave Risk Radar Report: Top Cyber Threats Targeting the Manufacturing Sector

Reports, Threat Intelligence, Tips & Tricks, Vulnerabilities /

2025 Trustwave Risk Radar Report: Top Cyber Threats Targeting the Manufacturing Sector 2025-02-26 at 16:06 By 2025 Trustwave Risk Radar Report Unveils Top Cyber Threats to Manufacturing: Discover the key cybersecurity challenges facing the manufacturing sector in 2025, including ransomware, phishing, and vulnerabilities in legacy systems and connected devices. Manufacturing Cybersecurity: IT/OT Convergence and Breach Methods

React to this headline:

Loading spinner

2025 Trustwave Risk Radar Report: Top Cyber Threats Targeting the Manufacturing Sector Read More »

Attacks Against Government Entities, Defense Sector, and Human Targets

Government, Perspectives, Security Research, Vulnerabilities /

Attacks Against Government Entities, Defense Sector, and Human Targets 2025-02-25 at 17:08 By Pawel Knapczyk and Nikita Kazymirskyi In the first part of Trustwave SpiderLabs’ Russia-Ukraine war blog series, we gave a brief look at our major findings as well as the main differences between how Russia and Ukraine wage attacks in the digital frontlines. In

React to this headline:

Loading spinner

Attacks Against Government Entities, Defense Sector, and Human Targets Read More »

CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability

Agile PLM, CISA KEV, exploited, Oracle, Vulnerabilities /

CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability 2025-02-25 at 13:43 By Eduard Kovacs CISA has added CVE-2024-20953, an Oracle Agile PLM vulnerability patched in January 2024, to its KEV catalog.  The post CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability Read More »

Cisco Details ‘Salt Typhoon’ Network Hopping, Credential Theft Tactics

China, Cisco, Cisco Talos, CVE-2018-0171, Nation-State, Salt Typhoon, Vulnerabilities /

Cisco Details ‘Salt Typhoon’ Network Hopping, Credential Theft Tactics 2025-02-21 at 17:04 By Ryan Naraine Cisco Talos observed Chinese hackers team pivoting from a compromised device operated by one telecom to target a device in another telecom. The post Cisco Details ‘Salt Typhoon’ Network Hopping, Credential Theft Tactics appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Cisco Details ‘Salt Typhoon’ Network Hopping, Credential Theft Tactics Read More »

Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers

MongoDB, Vulnerabilities, vulnerability /

Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers 2025-02-21 at 15:21 By Ionut Arghire OPSWAT details two critical vulnerabilities in the Mongoose ODM library for MongoDB leading to remote code execution on the Node.js server. The post Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Vulnerabilities in MongoDB Library Allow RCE on Node.js Servers Read More »

Scroll to Top