vulnerability

Motors Theme Vulnerability Exploited to Hack WordPress Websites

Motors Theme Vulnerability Exploited to Hack WordPress Websites 2025-06-20 at 14:22 By Ionut Arghire Threat actors are exploiting a critical-severity vulnerability in Motors theme for WordPress to change arbitrary user passwords. The post Motors Theme Vulnerability Exploited to Hack WordPress Websites appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source […]

React to this headline:

Loading spinner

Motors Theme Vulnerability Exploited to Hack WordPress Websites Read More »

High-Severity Vulnerabilities Patched by Cisco, Atlassian

High-Severity Vulnerabilities Patched by Cisco, Atlassian 2025-06-19 at 11:47 By Ionut Arghire Cisco has resolved a high-severity vulnerability in Meraki MX and Meraki Z devices. Atlassian pushed patches for multiple third-party dependencies. The post High-Severity Vulnerabilities Patched by Cisco, Atlassian appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

High-Severity Vulnerabilities Patched by Cisco, Atlassian Read More »

Gerrit Misconfiguration Exposed Google Projects to Malicious Code Injection

Gerrit Misconfiguration Exposed Google Projects to Malicious Code Injection 2025-06-18 at 20:11 By Ionut Arghire Misconfigured permissions in Google’s Gerrit code collaboration platform could have led to the compromise of ChromiumOS and other Google projects. The post Gerrit Misconfiguration Exposed Google Projects to Malicious Code Injection appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Gerrit Misconfiguration Exposed Google Projects to Malicious Code Injection Read More »

Critical Vulnerability Patched in Citrix NetScaler

Critical Vulnerability Patched in Citrix NetScaler 2025-06-18 at 16:20 By Ionut Arghire Citrix has released patches for critical- and high-severity vulnerabilities in NetScaler and Secure Access Client and Workspace for Windows. The post Critical Vulnerability Patched in Citrix NetScaler appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Critical Vulnerability Patched in Citrix NetScaler Read More »

Linux Security: New Flaws Allow Root Access, CISA Warns of Old Bug Exploitation

Linux Security: New Flaws Allow Root Access, CISA Warns of Old Bug Exploitation 2025-06-18 at 15:33 By Eduard Kovacs Qualys has disclosed two Linux vulnerabilities that can be chained for full root access, and CISA added a flaw to its KEV catalog. The post Linux Security: New Flaws Allow Root Access, CISA Warns of Old

React to this headline:

Loading spinner

Linux Security: New Flaws Allow Root Access, CISA Warns of Old Bug Exploitation Read More »

Chaining two LPEs to get “root”: Most Linux distros vulnerable (CVE-2025-6018, CVE-2025-6019)

Chaining two LPEs to get “root”: Most Linux distros vulnerable (CVE-2025-6018, CVE-2025-6019) 2025-06-18 at 14:49 By Zeljka Zorz Qualys researchers have unearthed two local privilege escalation vulnerabilities (CVE-2025-6018, CVE-2025-6019) that can be exploited in tandem to achieve root access on most Linux distributions “with minimal effort.” About the vulnerabilities (CVE-2025-6018, CVE-2025-6019) CVE-2025-6018 affects the Pluggable

React to this headline:

Loading spinner

Chaining two LPEs to get “root”: Most Linux distros vulnerable (CVE-2025-6018, CVE-2025-6019) Read More »

Chrome 137 Update Patches High-Severity Vulnerabilities

Chrome 137 Update Patches High-Severity Vulnerabilities 2025-06-18 at 12:52 By Ionut Arghire Google has released a Chrome 137 update to resolve two memory bugs in the browser’s V8 and Profiler components. The post Chrome 137 Update Patches High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Chrome 137 Update Patches High-Severity Vulnerabilities Read More »

Code Execution Vulnerabilities Patched in Veeam, BeyondTrust Products

Code Execution Vulnerabilities Patched in Veeam, BeyondTrust Products 2025-06-18 at 11:45 By Ionut Arghire Veeam and BeyondTrust have resolved several vulnerabilities that could be exploited for remote code execution. The post Code Execution Vulnerabilities Patched in Veeam, BeyondTrust Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Code Execution Vulnerabilities Patched in Veeam, BeyondTrust Products Read More »

Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers

Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers 2025-06-17 at 14:01 By Ionut Arghire CISA warns that a vulnerability impacting multiple discontinued TP-Link router models is exploited in the wild. The post Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers Read More »

Asus Armoury Crate Vulnerability Leads to Full System Compromise

Asus Armoury Crate Vulnerability Leads to Full System Compromise 2025-06-17 at 12:49 By Ionut Arghire A high-severity authorization bypass vulnerability in Asus Armoury Crate provides attackers with low-level system privileges. The post Asus Armoury Crate Vulnerability Leads to Full System Compromise appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Asus Armoury Crate Vulnerability Leads to Full System Compromise Read More »

iOS zero-click attacks used to deliver Graphite spyware (CVE-2025-43200)

iOS zero-click attacks used to deliver Graphite spyware (CVE-2025-43200) 2025-06-13 at 15:22 By Zeljka Zorz A zero-click attack leveraging a freshly disclosed Messages vulnerability (CVE-2025-43200) has infected the iPhones of two European journalists with Paragon’s Graphite mercenary spyware, Citizen Lab researchers have revealed on Thursday. The attacks happened in January and early February 2025. “We

React to this headline:

Loading spinner

iOS zero-click attacks used to deliver Graphite spyware (CVE-2025-43200) Read More »

Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking

Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking 2025-06-13 at 11:33 By Eduard Kovacs Mitel has announced patches for a MiCollab path traversal vulnerability that can be exploited remotely without authentication. The post Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking Read More »

Palo Alto Networks Patches Privilege Escalation Vulnerabilities

Palo Alto Networks Patches Privilege Escalation Vulnerabilities 2025-06-12 at 11:35 By Ionut Arghire Palo Alto Networks has released patches for seven vulnerabilities and incorporated the latest Chrome fixes in its products. The post Palo Alto Networks Patches Privilege Escalation Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Palo Alto Networks Patches Privilege Escalation Vulnerabilities Read More »

Fortinet, Ivanti Patch High-Severity Vulnerabilities

Fortinet, Ivanti Patch High-Severity Vulnerabilities 2025-06-11 at 15:48 By Ionut Arghire Patches released by Fortinet and Ivanti resolve over a dozen vulnerabilities, including high-severity flaws leading to code execution, credential leaks. The post Fortinet, Ivanti Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Fortinet, Ivanti Patch High-Severity Vulnerabilities Read More »

Chrome, Firefox Updates Resolve High-Severity Memory Bugs

Chrome, Firefox Updates Resolve High-Severity Memory Bugs 2025-06-11 at 13:33 By Ionut Arghire Google and Mozilla have released patches for a combined total of four high-severity memory bugs in Chrome and Firefox. The post Chrome, Firefox Updates Resolve High-Severity Memory Bugs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Chrome, Firefox Updates Resolve High-Severity Memory Bugs Read More »

Critical Vulnerability Patched in SAP NetWeaver

Critical Vulnerability Patched in SAP NetWeaver 2025-06-10 at 14:09 By Ionut Arghire SAP has fixed a critical NetWeaver vulnerability allowing attackers to bypass authorization checks and escalate their privileges. The post Critical Vulnerability Patched in SAP NetWeaver appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Critical Vulnerability Patched in SAP NetWeaver Read More »

Unpatched Wazuh servers targeted by Mirai botnets (CVE-2025-24016)

Unpatched Wazuh servers targeted by Mirai botnets (CVE-2025-24016) 2025-06-10 at 13:31 By Zeljka Zorz Two Mirai botnets are exploiting a critical remote code execution vulnerability (CVE-2025-24016) in the open-source Wazuh XDR/SIEM platform, Akamai researchers have warned. What is Wazuh? Wazuh is a popular open-source security information and event management (SIEM) and extended detection and response

React to this headline:

Loading spinner

Unpatched Wazuh servers targeted by Mirai botnets (CVE-2025-24016) Read More »

Exploited Vulnerability Impacts Over 80,000 Roundcube Servers

Exploited Vulnerability Impacts Over 80,000 Roundcube Servers 2025-06-10 at 12:49 By Ionut Arghire Exploitation of a critical-severity RCE vulnerability in Roundcube started only days after a patch was released. The post Exploited Vulnerability Impacts Over 80,000 Roundcube Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Exploited Vulnerability Impacts Over 80,000 Roundcube Servers Read More »

Vulnerabilities Exposed Phone Number of Any Google User

Vulnerabilities Exposed Phone Number of Any Google User 2025-06-10 at 12:01 By Eduard Kovacs Google has awarded $5,000 to a researcher who found security holes that enabled brute-forcing the phone number of any user.  The post Vulnerabilities Exposed Phone Number of Any Google User appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Vulnerabilities Exposed Phone Number of Any Google User Read More »

Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113)

Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113) 2025-06-09 at 15:18 By Zeljka Zorz With an exploit for a critical Roundcube vulnerability (CVE-2025-49113) being offered for sale on underground forums and a PoC exploit having been made public, attacks exploiting the flaw are incoming and possibly already happening. According to the Shadowserver Foundation, there

React to this headline:

Loading spinner

Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113) Read More »

Scroll to Top