vulnerability

Google Project Zero Tackles Upstream Patch Gap With New Policy

2025-07-31 at 12:24 By Ionut Arghire Google Project Zero now publicly shares the discovery of a vulnerability and when its 90-day disclosure deadline expires. The post Google Project Zero Tackles Upstream Patch Gap With New Policy appeared first on SecurityWeek. This article is an excerpt […]

Honeywell Experion PKS Flaws Allow Manipulation of Industrial Processes

2025-07-31 at 12:24 By Eduard Kovacs Honeywell has patched several critical and high-severity vulnerabilities in its Experion PKS industrial process control and automation product. The post Honeywell Experion PKS Flaws Allow Manipulation of Industrial Processes appeared first on SecurityWeek. This article is an excerpt from SecurityWeek


Flaw in Vibe Coding Platform Base44 Exposed Private Enterprise Applications

2025-07-30 at 14:18 By Eduard Kovacs Base44 owner Wix quickly patched a critical authentication bypass vulnerability discovered by researchers at Wiz. The post Flaw in Vibe Coding Platform Base44 Exposed Private Enterprise Applications appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Lenovo Firmware Vulnerabilities Allow Persistent Implant Deployment

2025-07-29 at 20:02 By Eduard Kovacs Vulnerabilities discovered by Binarly in Lenovo devices allow privilege escalation, code execution, and security bypass. The post Lenovo Firmware Vulnerabilities Allow Persistent Implant Deployment appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Organizations Warned of Exploited PaperCut Flaw

2025-07-29 at 14:52 By Ionut Arghire Threat actors are exploiting a two-year-old vulnerability in PaperCut that allows them to execute arbitrary code remotely. The post Organizations Warned of Exploited PaperCut Flaw appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Sploitlight: macOS Vulnerability Leaks Sensitive Information

2025-07-29 at 14:22 By Ionut Arghire The TCC bypass could expose information cached by Apple Intelligence, including geolocation and biometric data. The post Sploitlight: macOS Vulnerability Leaks Sensitive Information appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

No Patch for Flaw Exposing Hundreds of LG Cameras to Remote Hacking

2025-07-25 at 15:57 By Eduard Kovacs LG Innotek LNV5110R security cameras are affected by a vulnerability that can be exploited for unauthenticated remote code execution. The post No Patch for Flaw Exposing Hundreds of LG Cameras to Remote Hacking appeared first on SecurityWeek.

Mitel Patches Critical Flaw in Enterprise Communication Platform

2025-07-25 at 15:00 By Ionut Arghire An authentication bypass vulnerability in Mitel MiVoice MX-ONE could allow attackers to access user or admin accounts on the system. The post Mitel Patches Critical Flaw in Enterprise Communication Platform appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Storm-2603 spotted deploying ransomware on exploited SharePoint servers

2025-07-24 at 19:03 By Zeljka Zorz One of the groups that, in the past few weeks, has been exploiting vulnerabilities in on-prem SharePoint installations has been observed deploying Warlock ransomware, Microsoft shared on Wednesday.

First attack spotted on July 7th

On Saturday, Microsoft announced that attackers have


Sonicwall fixes critical flaw in SMA appliances, urges customers to check for compromise (CVE-2025-40599)

2025-07-24 at 13:19 By Zeljka Zorz Sonicwall is asking customers running specific Secure Mobile Access (SMA) 100 Series devices to patch a newly uncovered vulnerability (CVE-2025-40599) as soon as possible. “While there is currently no evidence that this vulnerability is being

SonicWall Patches Critical SMA 100 Vulnerability, Warns of Recent Malware Attack

2025-07-24 at 13:18 By Ionut Arghire SonicWall advises organizations to patch SMA 100 appliances and look for IoCs associated with Overstep malware attacks. The post SonicWall Patches Critical SMA 100 Vulnerability, Warns of Recent Malware Attack appeared first on SecurityWeek. This article is an

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named

2025-07-24 at 12:35 By Eduard Kovacs More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors. The post ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Maximum severity Cisco ISE vulnerabilities exploited by attackers

2025-07-23 at 16:20 By Zeljka Zorz One or more vulnerabilities affecting Cisco Identity Services Engine (ISE) are being exploited in the wild, Cisco has confirmed by updating the security advisory for the flaws.

About the vulnerabilities

The three vulnerabilities affect Cisco’s Identity Services Engine (ISE) – a


Critical Vulnerabilities Patched in Sophos Firewall

2025-07-23 at 14:35 By Ionut Arghire Sophos has patched five vulnerabilities in Sophos Firewall that could allow remote attackers to execute arbitrary code. The post Critical Vulnerabilities Patched in Sophos Firewall appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Hackers Start Exploiting Critical Cisco ISE Vulnerabilities

2025-07-23 at 12:27 By Ionut Arghire Cisco says it is aware of attempted exploitation of critical ISE vulnerabilities leading to unauthenticated remote code execution. The post Hackers Start Exploiting Critical Cisco ISE Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Microsoft pins on-prem SharePoint attacks on Chinese threat actors

2025-07-22 at 18:54 By Zeljka Zorz As Microsoft continues to update its customer guidance for protecting on-prem SharePoint servers against the latest in-the-wild attacks, more security firms have begun sharing details about the ones they have detected. Most intriguingly, Check Point Research says that they observed

Vulnerabilities Expose Helmholz Industrial Routers to Hacking

2025-07-22 at 16:57 By Eduard Kovacs Several potentially serious vulnerabilities were recently found and patched in routers made by Germany-based industrial and automation solutions provider Helmholz. The existence of the security holes came to light last week, when Germany’s CERT@VDE published an advisory describing eight vulnerabilities discovered in

Critical CrushFTP vulnerability exploited. Have you been targeted? (CVE-2025-54309)

2025-07-21 at 15:42 By Zeljka Zorz Unknown attackers have exploited a vulnerability (CVE-2025-54309) in the CrushFTP enterprise file-transfer server solution to gain administrative access to vulnerable deployments. It’s currently unclear what the attackers are using this access for, but data theft looks most likely. According to


SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available

2025-07-20 at 17:16 By Mike Lennon Enterprises running SharePoint servers should not wait for a fix for CVE-2025-53770 and should commence threat hunting to search for compromise immediately. The post SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the

Cisco Patches Another Critical ISE Vulnerability

2025-07-17 at 12:32 By Ionut Arghire Cisco has released patches for multiple vulnerabilities, including a critical flaw in Cisco ISE that leads to remote code execution (RCE). The post Cisco Patches Another Critical ISE Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek
