vulnerability

Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812)

Censys, Don't miss, exploit, file-sharing, Hot stuff, Huntress, MSP, News, PoC, RCE Security, SMBs, vulnerability, Wing FTP server /

Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812) 2025-07-11 at 15:32 By Zeljka Zorz Threat actors are actively exploiting a recently fixed remote code execution vulnerability (CVE-2025-47812) in Wing FTP Server, security researchers have warned. Wing FTP Server and CVE-2025-47812 Wing FTP Server is a commercial file transfer server solution used by businesses, […]

React to this headline:

Loading spinner

Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812) Read More »

McDonald’s Chatbot Recruitment Platform Leaked 64 Million Job Applications

data breach, Data Breaches, Data leak, McDonald's, vulnerability /

McDonald’s Chatbot Recruitment Platform Leaked 64 Million Job Applications 2025-07-11 at 13:01 By Ionut Arghire Two vulnerabilities in an internal API allowed unauthorized access to contacts and chats, exposing the information of 64 million McDonald’s applicants. The post McDonald’s Chatbot Recruitment Platform Leaked 64 Million Job Applications appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

McDonald’s Chatbot Recruitment Platform Leaked 64 Million Job Applications Read More »

Critical Wing FTP Server Vulnerability Exploited

exploited, Vulnerabilities, vulnerability, Wing FTP server /

Critical Wing FTP Server Vulnerability Exploited 2025-07-11 at 12:32 By Ionut Arghire Wing FTP Server vulnerability CVE-2025-47812 can be exploited for arbitrary command execution with root or system privileges. The post Critical Wing FTP Server Vulnerability Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Critical Wing FTP Server Vulnerability Exploited Read More »

Ruckus network management solutions riddled with unpatched vulnerabilities

Carnegie Mellon University, Claroty, Don't miss, Hot stuff, networking, News, Ruckus Networks, vulnerability, vulnerability disclosure, wireless /

Ruckus network management solutions riddled with unpatched vulnerabilities 2025-07-10 at 15:52 By Zeljka Zorz Claroty researcher Noam Moshe has discovered serious vulnerabilities in two Ruckus Networks (formerly Ruckus Wireless) products that may allow attackers to compromise the environments managed by the affected software, Carnegie Mellon University’s CERT Coordination Center (CERT/CC) has warned. The vulnerabilities have

React to this headline:

Loading spinner

Ruckus network management solutions riddled with unpatched vulnerabilities Read More »

Unpatched Ruckus Vulnerabilities Allow Wireless Environment Hacking

Mobile & Wireless, Ruckus, unpatched, vulnerability, wireless /

Unpatched Ruckus Vulnerabilities Allow Wireless Environment Hacking 2025-07-09 at 13:18 By Ionut Arghire Multiple vulnerabilities in Ruckus Wireless management products could be exploited to fully compromise the managed environments. The post Unpatched Ruckus Vulnerabilities Allow Wireless Environment Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Unpatched Ruckus Vulnerabilities Allow Wireless Environment Hacking Read More »

Exploits, Technical Details Released for CitrixBleed2 Vulnerability

CitrixBleed2, CVE-2025-5777, Featured, Network Security, Vulnerabilities, vulnerability /

Exploits, Technical Details Released for CitrixBleed2 Vulnerability 2025-07-08 at 15:17 By Ionut Arghire Researchers released technical information and exploit code targeting a critical vulnerability (CVE-2025-5777) in Citrix NetScaler. The post Exploits, Technical Details Released for CitrixBleed2 Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Exploits, Technical Details Released for CitrixBleed2 Vulnerability Read More »

Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)

Cisco, communication, Don't miss, enterprise, Hot stuff, News, SMBs, vulnerability /

Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309) 2025-07-03 at 14:19 By Zeljka Zorz Cisco has found a backdoor account in yet another of its software solutions: CVE-2025-20309, stemming from default credentials for the root account, could allow unauthenticated remote attackers to log into a vulnerable Cisco Unified Communications Manager (Unified CM) and

React to this headline:

Loading spinner

Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309) Read More »

Forminator WordPress Plugin Vulnerability Exposes 400,000 Websites to Takeover

Vulnerabilities, vulnerability, WordPress, WordPress plugin /

Forminator WordPress Plugin Vulnerability Exposes 400,000 Websites to Takeover 2025-07-02 at 13:18 By Ionut Arghire A vulnerability in the Forminator WordPress plugin allows attackers to delete arbitrary files and take over impacted websites. The post Forminator WordPress Plugin Vulnerability Exposes 400,000 Websites to Takeover appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Forminator WordPress Plugin Vulnerability Exposes 400,000 Websites to Takeover Read More »

Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463)

Debian, Don't miss, Hot stuff, Linux, macOS, News, Stratascale, SUSE, Ubuntu, vulnerability /

Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) 2025-07-01 at 16:11 By Zeljka Zorz If you haven’t recently updated the Sudo utility on your Linux box(es), you should do so now, to patch two local privilege escalation vulnerabilities (CVE-2025-32462, CVE-2025-32463) that have been disclosed on Monday. What is Sudo? Sudo is command-line utility in Unix-like

React to this headline:

Loading spinner

Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) Read More »

Critical Microsens Product Flaws Allow Hackers to Go ‘From Zero to Hero’

ICS, ICS/OT, vulnerability /

Critical Microsens Product Flaws Allow Hackers to Go ‘From Zero to Hero’ 2025-07-01 at 15:24 By Eduard Kovacs CISA has informed organizations about critical authentication bypass and remote code execution vulnerabilities in Microsens NMP Web+. The post Critical Microsens Product Flaws Allow Hackers to Go ‘From Zero to Hero’ appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Critical Microsens Product Flaws Allow Hackers to Go ‘From Zero to Hero’ Read More »

CitrixBleed 2 might be actively exploited (CVE-2025-5777)

Censys, Citrix, Don't miss, enterprise, Hot stuff, NetScaler, News, ReliaQuest, vulnerability /

CitrixBleed 2 might be actively exploited (CVE-2025-5777) 2025-06-30 at 15:47 By Zeljka Zorz While Citrix has observed some instances where CVE-2025-6543 has been exploited on vulnerable NetScaler networking appliances, the company still says that they don’t have evidence of exploitation for CVE-2025-5349 or CVE-2025-5777, both of which have been patched earlier this month. CVE-2025-5777, in

React to this headline:

Loading spinner

CitrixBleed 2 might be actively exploited (CVE-2025-5777) Read More »

Airoha Chip Vulnerabilities Expose Headphones to Takeover

Airoha, BLE, Bluetooth, headphone, Mobile & Wireless, vulnerability, wireless /

Airoha Chip Vulnerabilities Expose Headphones to Takeover 2025-06-30 at 14:11 By Ionut Arghire Vulnerabilities in Airoha Bluetooth SoCs expose headphone and earbud products from multiple vendors to takeover attacks. The post Airoha Chip Vulnerabilities Expose Headphones to Takeover appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Airoha Chip Vulnerabilities Expose Headphones to Takeover Read More »

Critical Cisco ISE Vulnerabilities Allow Remote Code Execution 

Cisco, patch, Vulnerabilities, vulnerability /

Critical Cisco ISE Vulnerabilities Allow Remote Code Execution  2025-06-26 at 12:02 By Ionut Arghire Two critical vulnerabilities in Cisco ISE could allow remote attackers to execute arbitrary code with root privileges. The post Critical Cisco ISE Vulnerabilities Allow Remote Code Execution  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Critical Cisco ISE Vulnerabilities Allow Remote Code Execution  Read More »

Flaw in Notepad++ installer could grant attackers SYSTEM access (CVE-2025-49144)

Don't miss, Hot stuff, News, open source, PoC, vulnerability /

Flaw in Notepad++ installer could grant attackers SYSTEM access (CVE-2025-49144) 2025-06-26 at 00:15 By Zeljka Zorz A high-severity vulnerability (CVE-2025-49144) in the Notepad++ installer could be exploited by unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. There is currently no indication that the vulnerability is being leveraged by attackers, though technical details

React to this headline:

Loading spinner

Flaw in Notepad++ installer could grant attackers SYSTEM access (CVE-2025-49144) Read More »

New Vulnerabilities Expose Millions of Brother Printers to Hacking

Brother, Featured, IoT Security, printer, Vulnerabilities, vulnerability /

New Vulnerabilities Expose Millions of Brother Printers to Hacking 2025-06-25 at 14:21 By Eduard Kovacs Rapid7 has found several serious vulnerabilities affecting over 700 printer models from Brother and other vendors.  The post New Vulnerabilities Expose Millions of Brother Printers to Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

New Vulnerabilities Expose Millions of Brother Printers to Hacking Read More »

Code Execution Vulnerability Patched in GitHub Enterprise Server

GitHub, RCE, Vulnerabilities, vulnerability /

Code Execution Vulnerability Patched in GitHub Enterprise Server 2025-06-25 at 14:21 By Ionut Arghire A high-severity vulnerability in GitHub Enterprise Server could have allowed remote attackers to execute arbitrary code. The post Code Execution Vulnerability Patched in GitHub Enterprise Server appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Code Execution Vulnerability Patched in GitHub Enterprise Server Read More »

Chrome 138, Firefox 140 Patch Multiple Vulnerabilities

Chrome, Firefox, Vulnerabilities, vulnerability /

Chrome 138, Firefox 140 Patch Multiple Vulnerabilities 2025-06-25 at 13:18 By Ionut Arghire Chrome 138 and Firefox 140 are rolling out with fixes for two dozen vulnerabilities, including high-severity memory safety issues. The post Chrome 138, Firefox 140 Patch Multiple Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Chrome 138, Firefox 140 Patch Multiple Vulnerabilities Read More »

High-risk WinRAR RCE vulnerability patched, update quickly! (CVE-2025-6218)

Don't miss, Hot stuff, News, Trend Micro, vulnerability, Windows, WinRAR /

High-risk WinRAR RCE vulnerability patched, update quickly! (CVE-2025-6218) 2025-06-24 at 12:45 By Zeljka Zorz A recently patched directory traversal vulnerability (CVE-2025-6218) in WinRAR could be leveraged by remote attackers to execute arbitrary code on affected installations. The vulnerability has been patched in WinRAR 7.12 beta 1, released on June 10, 2025, and users are advised

React to this headline:

Loading spinner

High-risk WinRAR RCE vulnerability patched, update quickly! (CVE-2025-6218) Read More »

Critical Authentication Bypass Flaw Patched in Teleport

Authentication Bypass, Teleport, Vulnerabilities, vulnerability /

Critical Authentication Bypass Flaw Patched in Teleport 2025-06-23 at 14:50 By Ionut Arghire A critical-severity vulnerability in Teleport could allow remote attackers to bypass SSH authentication and access managed systems. The post Critical Authentication Bypass Flaw Patched in Teleport appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Critical Authentication Bypass Flaw Patched in Teleport Read More »

Scroll to Top