vulnerability

Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035)

CISA, Don't miss, Hot stuff, News, SMBs, SonicWall, vulnerability /

Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035) 2025-04-18 at 14:47 By Zeljka Zorz CVE-2021-20035, an old vulnerability affecting Sonicwall Secure Mobile Access (SMA) 100 series appliances, is being exploited by attackers. Sonicwall confirmed it by updating the original security advisory to reflect the new state of play, and by changing the description of the vulnerability […]

React to this headline:

Loading spinner

Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035) Read More »

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)

0patch, APT, Check Point, Don't miss, enterprise, exploit, Government, HarfangLab, Hot stuff, News, phishing, vulnerability, Windows /

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) 2025-04-17 at 16:52 By Zeljka Zorz CVE-2025-24054, a Windows NTLM hash disclosure vulnerability that Microsoft has issued patches for last month, has been leveraged by threat actors in campaigns targeting government and private institutions in Poland and Romania. “Active exploitation in the wild has been observed

React to this headline:

Loading spinner

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054) Read More »

Vulnerabilities Patched in Atlassian, Cisco Products

Atlassian, Cisco, patch, Vulnerabilities, vulnerability /

Vulnerabilities Patched in Atlassian, Cisco Products 2025-04-17 at 16:52 By Ionut Arghire Atlassian and Cisco have released patches for multiple high-severity vulnerabilities, including remote code execution bugs. The post Vulnerabilities Patched in Atlassian, Cisco Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Vulnerabilities Patched in Atlassian, Cisco Products Read More »

Critical Erlang/OTP SSH Flaw Exposes Many Devices to Remote Hacking

Erlang OTP, SSH, Vulnerabilities, vulnerability /

Critical Erlang/OTP SSH Flaw Exposes Many Devices to Remote Hacking 2025-04-17 at 15:19 By Eduard Kovacs Servers exposed to complete takeover due to CVE-2025-32433, an unauthenticated remote code execution flaw in Erlang/OTP SSH. The post Critical Erlang/OTP SSH Flaw Exposes Many Devices to Remote Hacking appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Critical Erlang/OTP SSH Flaw Exposes Many Devices to Remote Hacking Read More »

SonicWall Flags Old Vulnerability as Actively Exploited

exploited, Featured, SMA, SonicWall, Vulnerabilities, vulnerability /

SonicWall Flags Old Vulnerability as Actively Exploited 2025-04-17 at 14:05 By Eduard Kovacs A SonicWall SMA 100 series vulnerability patched in 2021, which went unnoticed at the time of patching, is being exploited in the wild. The post SonicWall Flags Old Vulnerability as Actively Exploited appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

SonicWall Flags Old Vulnerability as Actively Exploited Read More »

Critical Vulnerability Found in Apache Roller Blog Server

Apache Roller, Vulnerabilities, vulnerability /

Critical Vulnerability Found in Apache Roller Blog Server 2025-04-16 at 14:44 By Ionut Arghire A critical vulnerability in Apache Roller could be used to maintain persistent access by reusing older sessions even after password changes. The post Critical Vulnerability Found in Apache Roller Blog Server appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Critical Vulnerability Found in Apache Roller Blog Server Read More »

Chrome 135, Firefox 137 Updates Patch Severe Vulnerabilities

Chrome, Firefox, Vulnerabilities, vulnerability /

Chrome 135, Firefox 137 Updates Patch Severe Vulnerabilities 2025-04-16 at 14:01 By Ionut Arghire Chrome 135 and Firefox 137 updates have been rolled out with patches for critical- and high-severity vulnerabilities. The post Chrome 135, Firefox 137 Updates Patch Severe Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Chrome 135, Firefox 137 Updates Patch Severe Vulnerabilities Read More »

Critical flaws fixed in Nagios Log Server

Don't miss, enterprise, exploit, Hot stuff, log management, Nagios Log Server, News, PoC, SMBs, vulnerability /

Critical flaws fixed in Nagios Log Server 2025-04-15 at 13:47 By Zeljka Zorz The Nagios Security Team has fixed three critical vulnerabilities affecting popular enterprise log management and analysis platform Nagios Log Server. About the flaws The vulnerabilities, discovered and reported by security researchers Seth Kraft and Alex Tisdale, include: 1. A stored XSS vulnerability

React to this headline:

Loading spinner

Critical flaws fixed in Nagios Log Server Read More »

Hackers exploit old FortiGate vulnerabilities, use symlink trick to retain limited access to patched devices

BSI, Don't miss, Fortinet, FortiOS, Hot stuff, News, vulnerability /

Hackers exploit old FortiGate vulnerabilities, use symlink trick to retain limited access to patched devices 2025-04-11 at 21:05 By Zeljka Zorz A threat actor that has been using known old FortiOS vulnerabilities to breach FortiGate devices for years has also been leveraging a clever trick to maintain undetected read-only access to them after the original

React to this headline:

Loading spinner

Hackers exploit old FortiGate vulnerabilities, use symlink trick to retain limited access to patched devices Read More »

SonicWall Patches High-Severity Vulnerability in NetExtender

SonicWall, Vulnerabilities, vulnerability /

SonicWall Patches High-Severity Vulnerability in NetExtender 2025-04-11 at 14:18 By Ionut Arghire SonicWall has released fixes for three vulnerabilities in NetExtender for Windows, including a high-severity bug. The post SonicWall Patches High-Severity Vulnerability in NetExtender appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

SonicWall Patches High-Severity Vulnerability in NetExtender Read More »

Juniper Networks Patches Dozens of Junos Vulnerabilities

Juniper, Junos, Vulnerabilities, vulnerability /

Juniper Networks Patches Dozens of Junos Vulnerabilities 2025-04-10 at 16:46 By Ionut Arghire Juniper Networks has patched two dozen vulnerabilities in Junos OS and Junos OS Evolved, and dozens of flaws in Junos Space third-party dependencies. The post Juniper Networks Patches Dozens of Junos Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Juniper Networks Patches Dozens of Junos Vulnerabilities Read More »

Study Identifies 20 Most Vulnerable Connected Devices of 2025

Forescout, ICS/OT, IoT Security, report, router, vulnerability /

Study Identifies 20 Most Vulnerable Connected Devices of 2025 2025-04-10 at 15:03 By Ionut Arghire Routers are the riskiest devices in enterprise networks as they contain the most critical vulnerabilities, a new Forescout report shows. The post Study Identifies 20 Most Vulnerable Connected Devices of 2025 appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Study Identifies 20 Most Vulnerable Connected Devices of 2025 Read More »

FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887)

Don't miss, Fortinet, Hot stuff, networking, News, vulnerability /

FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887) 2025-04-10 at 13:18 By Zeljka Zorz Fortinet has released patches for flaws affecting many of its products, among them a critical vulnerability (CVE-2024-48887) in its FortiSwitch appliances that could allow unauthenticated attackers to gain access to and administrative privileges on vulnerable devices. About CVE-2024-48887 Fortinet

React to this headline:

Loading spinner

FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887) Read More »

WhatsApp vulnerability could be used to infect Windows users with malware (CVE-2025-30401)

Don't miss, Hot stuff, Meta, News, vulnerability, WhatsApp, Windows /

WhatsApp vulnerability could be used to infect Windows users with malware (CVE-2025-30401) 2025-04-09 at 16:00 By Zeljka Zorz WhatsApp users are urged to update the Windows client app to plug a serious security vulnerability (CVE-2025-30401) that may allow attackers to trick users into running malicious code. Meta classifies the vulnerability as a spoofing issue that

React to this headline:

Loading spinner

WhatsApp vulnerability could be used to infect Windows users with malware (CVE-2025-30401) Read More »

Fortinet Patches Critical FortiSwitch Vulnerability

Fortinet, Vulnerabilities, vulnerability /

Fortinet Patches Critical FortiSwitch Vulnerability 2025-04-09 at 13:43 By Ionut Arghire Fortinet fixes a critical-severity bug in FortiSwitch that could allow an attacker to modify administrative passwords. The post Fortinet Patches Critical FortiSwitch Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Fortinet Patches Critical FortiSwitch Vulnerability Read More »

SAP Patches Critical Code Injection Vulnerabilities

patch, SAP, Vulnerabilities, vulnerability /

SAP Patches Critical Code Injection Vulnerabilities 2025-04-08 at 16:29 By Ionut Arghire SAP released 20 security notes on April 2025 patch day, including three addressing critical code injection and authentication bypass flaws. The post SAP Patches Critical Code Injection Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

SAP Patches Critical Code Injection Vulnerabilities Read More »

WhatsApp Vulnerability Could Facilitate Remote Code Execution

Meta, MIME, Vulnerabilities, vulnerability, WhatsApp /

WhatsApp Vulnerability Could Facilitate Remote Code Execution 2025-04-08 at 16:29 By Eduard Kovacs An update for the WhatsApp desktop app for Windows patches CVE-2025-30401, a spoofing vulnerability that could be used to trick users. The post WhatsApp Vulnerability Could Facilitate Remote Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

WhatsApp Vulnerability Could Facilitate Remote Code Execution Read More »

ESET Vulnerability Exploited for Stealthy Malware Execution

ESET, exploited, ToddyCat, Vulnerabilities, vulnerability /

ESET Vulnerability Exploited for Stealthy Malware Execution 2025-04-08 at 15:32 By Ionut Arghire A sophisticated APT tracked as ToddyCat has exploited an ESET DLL search order hijacking vulnerability for malware delivery. The post ESET Vulnerability Exploited for Stealthy Malware Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

ESET Vulnerability Exploited for Stealthy Malware Execution Read More »

Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk

exploited, Ivanti, Vulnerabilities, vulnerability /

Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk 2025-04-08 at 13:58 By Ionut Arghire More than 5,000 Ivanti Connect Secure appliances are vulnerable to attacks exploiting CVE-2025-22457, which has been used by Chinese hackers. The post Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk Read More »

WinRAR MotW bypass flaw fixed, update ASAP (CVE-2025-31334)

Don't miss, Hot stuff, News, vulnerability, Windows, WinRAR /

WinRAR MotW bypass flaw fixed, update ASAP (CVE-2025-31334) 2025-04-07 at 14:36 By Zeljka Zorz WinRAR users, upgrade your software as soon as possible: a vulnerability (CVE-2025-31334) that could allow attackers to bypass Windows’ Mark of the Web (MotW) security warning and execute arbitrary code on your machine has been fixed in version 7.11. About CVE-2025-31334

React to this headline:

Loading spinner

WinRAR MotW bypass flaw fixed, update ASAP (CVE-2025-31334) Read More »

Scroll to Top