vulnerability

CodeSecCon 2025: Where Software Security’s Next Chapter Unfolds

Application Security, Featured, Vulnerabilities, vulnerability /

CodeSecCon 2025: Where Software Security’s Next Chapter Unfolds 2025-08-08 at 19:52 By SecurityWeek News Taking place August 12-13, CodeSecCon is the premier virtual event bringing together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained. The post CodeSecCon 2025: Where Software Security’s Next Chapter Unfolds appeared first on SecurityWeek. This […]

React to this headline:

Loading spinner

CodeSecCon 2025: Where Software Security’s Next Chapter Unfolds Read More »

SonicWall: Attackers did not exploit zero-day vulnerability to compromise Gen 7 firewalls

Don't miss, firewall, GuidePoint Security, Hot stuff, Huntress, News, SonicWall, vulnerability /

SonicWall: Attackers did not exploit zero-day vulnerability to compromise Gen 7 firewalls 2025-08-07 at 14:34 By Zeljka Zorz Akira ransomware affiliates are not leveraging an unknown, zero-day vulnerability in SonicWall Gen 7 firewalls to breach corporate networks, the security vendor shared today. “Instead, there is a significant correlation with threat activity related to CVE-2024-40766, which

React to this headline:

Loading spinner

SonicWall: Attackers did not exploit zero-day vulnerability to compromise Gen 7 firewalls Read More »

Organizations Warned of Vulnerability in Microsoft Exchange Hybrid Deployment

hybrid, Microsoft Exchange, Vulnerabilities, vulnerability /

Organizations Warned of Vulnerability in Microsoft Exchange Hybrid Deployment 2025-08-07 at 14:23 By Eduard Kovacs CISA and Microsoft have issued advisories for CVE-2025-53786, a high-severity flaw allowing privilege escalation in cloud environments.  The post Organizations Warned of Vulnerability in Microsoft Exchange Hybrid Deployment appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Organizations Warned of Vulnerability in Microsoft Exchange Hybrid Deployment Read More »

Adobe patches critical Adobe Experience Manager Forms vulnerabilities with public PoC

Adobe, Don't miss, Hot stuff, News, PoC, Searchlight Cyber, security update, vulnerability /

Adobe patches critical Adobe Experience Manager Forms vulnerabilities with public PoC 2025-08-06 at 16:33 By Zeljka Zorz Adobe has released an emergency security update for Adobe Experience Manager Forms on Java Enterprise Edition (JEE), which fix two critical vulnerabilities (CVE-2025-54253, CVE-2025-54254) with a publicly available proof-of-concept (PoC) exploit. Details about the flaws have been public

React to this headline:

Loading spinner

Adobe patches critical Adobe Experience Manager Forms vulnerabilities with public PoC Read More »

Trend Micro Apex One flaws exploted in the wild (CVE-2025-54948, CVE-2025-54987)

Don't miss, Endpoint Security, enterprise, Hot stuff, News, SMBs, Trend Micro, vulnerability /

Trend Micro Apex One flaws exploted in the wild (CVE-2025-54948, CVE-2025-54987) 2025-08-06 at 15:05 By Zeljka Zorz Unauthenticated command injection vulnerabilities (CVE-2025-54948, CVE-2025-54987) affecting the on-premise version of Trend Micro’s Apex One endpoint security platform are being probed by attackers, the company has warned on Wednesday. Unfortunately for those organizations that use it, a patch

React to this headline:

Loading spinner

Trend Micro Apex One flaws exploted in the wild (CVE-2025-54948, CVE-2025-54987) Read More »

Flaws Expose 100 Dell Laptop Models to Implants, Windows Login Bypass

Authentication Bypass, Dell, Endpoint Security, Featured, firmware, laptop, Revault, vulnerability /

Flaws Expose 100 Dell Laptop Models to Implants, Windows Login Bypass 2025-08-06 at 14:57 By Ionut Arghire ReVault vulnerabilities in the ControlVault3 firmware in Dell laptops could lead to firmware modifications or Windows login bypass. The post Flaws Expose 100 Dell Laptop Models to Implants, Windows Login Bypass appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Flaws Expose 100 Dell Laptop Models to Implants, Windows Login Bypass Read More »

Adobe Issues Out-of-Band Patches for AEM Forms Vulnerabilities With Public PoC

Adobe, AEM Forms, PoC, Vulnerabilities, vulnerability /

Adobe Issues Out-of-Band Patches for AEM Forms Vulnerabilities With Public PoC 2025-08-06 at 13:18 By Ionut Arghire Adobe has released urgent security updates to resolve two AEM Forms vulnerabilities for which proof-of-concept (PoC) code exists. The post Adobe Issues Out-of-Band Patches for AEM Forms Vulnerabilities With Public PoC appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Adobe Issues Out-of-Band Patches for AEM Forms Vulnerabilities With Public PoC Read More »

Millions of Dell laptops could be persistently backdoored in ReVault attacks

Broadcom, Cisco, Dell, Don't miss, Endpoint Security, firmware, hardware, Hot stuff, News, vulnerability /

Millions of Dell laptops could be persistently backdoored in ReVault attacks 2025-08-05 at 21:19 By Zeljka Zorz A set of firmware vulnerabilities affecting 100+ Dell laptop models widely used in government settings and by the cybersecurity industry could allow attackers to achieve persistent access even across Windows reinstalls, Cisco Talos researchers have discovered. About the

React to this headline:

Loading spinner

Millions of Dell laptops could be persistently backdoored in ReVault attacks Read More »

Nvidia Triton Vulnerabilities Pose Big Risk to AI Models

AI, Artificial Intelligence, NVIDIA, Triton Inference Server, Vulnerabilities, vulnerability /

Nvidia Triton Vulnerabilities Pose Big Risk to AI Models 2025-08-04 at 21:22 By Eduard Kovacs Nvidia has patched over a dozen vulnerabilities in Triton Inference Server, including another set of vulnerabilities that threaten AI systems.  The post Nvidia Triton Vulnerabilities Pose Big Risk to AI Models appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Nvidia Triton Vulnerabilities Pose Big Risk to AI Models Read More »

Several Vulnerabilities Patched in AI Code Editor Cursor 

Cursor, Vulnerabilities, vulnerability /

Several Vulnerabilities Patched in AI Code Editor Cursor  2025-08-04 at 13:24 By Ionut Arghire Attackers could silently modify sensitive MCP files to trigger the execution of arbitrary code without requiring user approval. The post Several Vulnerabilities Patched in AI Code Editor Cursor  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Several Vulnerabilities Patched in AI Code Editor Cursor  Read More »

Honeywell Experion PKS Flaws Allow Manipulation of Industrial Processes

Featured, Honeywell, ICS, ICS/OT, OT, SCADA, vulnerability /

Honeywell Experion PKS Flaws Allow Manipulation of Industrial Processes 2025-07-31 at 12:24 By Eduard Kovacs Honeywell has patched several critical and high-severity vulnerabilities in its Experion PKS  industrial process control and automation product. The post Honeywell Experion PKS Flaws Allow Manipulation of Industrial Processes appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Honeywell Experion PKS Flaws Allow Manipulation of Industrial Processes Read More »

Google Project Zero Tackles Upstream Patch Gap With New Policy

disclosure policy, Google Project Zero, Vulnerabilities, vulnerability /

Google Project Zero Tackles Upstream Patch Gap With New Policy 2025-07-31 at 12:24 By Ionut Arghire Google Project Zero now publicly shares the discovery of a vulnerability and when its 90-day disclosure deadline expires. The post Google Project Zero Tackles Upstream Patch Gap With New Policy appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Google Project Zero Tackles Upstream Patch Gap With New Policy Read More »

Flaw in Vibe Coding Platform Base44 Exposed Private Enterprise Applications

AI, Application Security, Artificial Intelligence, Authentication Bypass, Base44, vibe coding, vulnerability, Wix /

Flaw in Vibe Coding Platform Base44 Exposed Private Enterprise Applications 2025-07-30 at 14:18 By Eduard Kovacs Base44 owner Wix quickly patched a critical authentication bypass vulnerability discovered by researchers at Wiz. The post Flaw in Vibe Coding Platform Base44 Exposed Private Enterprise Applications appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Flaw in Vibe Coding Platform Base44 Exposed Private Enterprise Applications Read More »

Lenovo Firmware Vulnerabilities Allow Persistent Implant Deployment

Endpoint, Endpoint Security, firmware, Lenovo, SMM, vulnerability /

Lenovo Firmware Vulnerabilities Allow Persistent Implant Deployment 2025-07-29 at 20:02 By Eduard Kovacs Vulnerabilities discovered by Binarly in Lenovo devices allow privilege escalation, code execution, and security bypass. The post Lenovo Firmware Vulnerabilities Allow Persistent Implant Deployment appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Lenovo Firmware Vulnerabilities Allow Persistent Implant Deployment Read More »

Organizations Warned of Exploited PaperCut Flaw

CISA KEV, exploited, PaperCut, Vulnerabilities, vulnerability /

Organizations Warned of Exploited PaperCut Flaw 2025-07-29 at 14:52 By Ionut Arghire Threat actors are exploiting a two-year-old vulnerability in PaperCut that allows them to execute arbitrary code remotely. The post Organizations Warned of Exploited PaperCut Flaw appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Organizations Warned of Exploited PaperCut Flaw Read More »

Sploitlight: macOS Vulnerability Leaks Sensitive Information

macOS, Sploitlight, Spotlight, Vulnerabilities, vulnerability /

Sploitlight: macOS Vulnerability Leaks Sensitive Information 2025-07-29 at 14:22 By Ionut Arghire The TCC bypass could expose information cached by Apple Intelligence, including geolocation and biometric data. The post Sploitlight: macOS Vulnerability Leaks Sensitive Information appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Sploitlight: macOS Vulnerability Leaks Sensitive Information Read More »

No Patch for Flaw Exposing Hundreds of LG Cameras to Remote Hacking

camera, LG, Vulnerabilities, vulnerability /

No Patch for Flaw Exposing Hundreds of LG Cameras to Remote Hacking 2025-07-25 at 15:57 By Eduard Kovacs LG Innotek LNV5110R security cameras are affected by a vulnerability that can be exploited for unauthenticated remote code execution. The post No Patch for Flaw Exposing Hundreds of LG Cameras to Remote Hacking appeared first on SecurityWeek.

React to this headline:

Loading spinner

No Patch for Flaw Exposing Hundreds of LG Cameras to Remote Hacking Read More »

Mitel Patches Critical Flaw in Enterprise Communication Platform

Mitel, Vulnerabilities, vulnerability /

Mitel Patches Critical Flaw in Enterprise Communication Platform 2025-07-25 at 15:00 By Ionut Arghire An authentication bypass vulnerability in Mitel MiVoice MX-ONE could allow attackers to access user or admin accounts on the system. The post Mitel Patches Critical Flaw in Enterprise Communication Platform appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Mitel Patches Critical Flaw in Enterprise Communication Platform Read More »

Storm-2603 spotted deploying ransomware on exploited SharePoint servers

0-day, Check Point, Don't miss, exploit, Hot stuff, Microsoft, News, SANS ISC, SharePoint, vulnerability /

Storm-2603 spotted deploying ransomware on exploited SharePoint servers 2025-07-24 at 19:03 By Zeljka Zorz One of the groups that, in the past few weeks, has been exploiting vulnerabilities in on-prem SharePoint installation has been observed deploying Warlock ransomware, Microsoft shared on Wednesday. First attack spotted on July 7th On Saturday, Microsoft announced that attackers have

React to this headline:

Loading spinner

Storm-2603 spotted deploying ransomware on exploited SharePoint servers Read More »

Sonicwall fixes critical flaw in SMA appliances, urges customers to check for compromise (CVE-2025-40599)

Don't miss, Google Cloud, Hot stuff, News, SonicWall, vulnerability /

Sonicwall fixes critical flaw in SMA appliances, urges customers to check for compromise (CVE-2025-40599) 2025-07-24 at 13:19 By Zeljka Zorz Sonicwall is asking customers running specific Secure Mobile Access (SMA) 100 Series devices to patch a newly uncovered vulnerability (CVE-2025-40599) as soon as possible. “While there is currently no evidence that this vulnerability is being

React to this headline:

Loading spinner

Sonicwall fixes critical flaw in SMA appliances, urges customers to check for compromise (CVE-2025-40599) Read More »

Scroll to Top