vulnerability

Adobe Issues Out-of-Band Patches for AEM Forms Vulnerabilities With Public PoC

Adobe, AEM Forms, PoC, Vulnerabilities, vulnerability /

Adobe Issues Out-of-Band Patches for AEM Forms Vulnerabilities With Public PoC 2025-08-06 at 13:18 By Ionut Arghire Adobe has released urgent security updates to resolve two AEM Forms vulnerabilities for which proof-of-concept (PoC) code exists. The post Adobe Issues Out-of-Band Patches for AEM Forms Vulnerabilities With Public PoC appeared first on SecurityWeek. This article is […]

Adobe Issues Out-of-Band Patches for AEM Forms Vulnerabilities With Public PoC Read More »

Millions of Dell laptops could be persistently backdoored in ReVault attacks

Broadcom, Cisco, Dell, Don't miss, Endpoint Security, firmware, hardware, Hot stuff, News, vulnerability /

Millions of Dell laptops could be persistently backdoored in ReVault attacks 2025-08-05 at 21:19 By Zeljka Zorz A set of firmware vulnerabilities affecting 100+ Dell laptop models widely used in government settings and by the cybersecurity industry could allow attackers to achieve persistent access even across Windows reinstalls, Cisco Talos researchers have discovered. About the

Millions of Dell laptops could be persistently backdoored in ReVault attacks Read More »

Nvidia Triton Vulnerabilities Pose Big Risk to AI Models

AI, Artificial Intelligence, NVIDIA, Triton Inference Server, Vulnerabilities, vulnerability /

Nvidia Triton Vulnerabilities Pose Big Risk to AI Models 2025-08-04 at 21:22 By Eduard Kovacs Nvidia has patched over a dozen vulnerabilities in Triton Inference Server, including another set of vulnerabilities that threaten AI systems.  The post Nvidia Triton Vulnerabilities Pose Big Risk to AI Models appeared first on SecurityWeek. This article is an excerpt

Nvidia Triton Vulnerabilities Pose Big Risk to AI Models Read More »

Several Vulnerabilities Patched in AI Code Editor Cursor 

Cursor, Vulnerabilities, vulnerability /

Several Vulnerabilities Patched in AI Code Editor Cursor  2025-08-04 at 13:24 By Ionut Arghire Attackers could silently modify sensitive MCP files to trigger the execution of arbitrary code without requiring user approval. The post Several Vulnerabilities Patched in AI Code Editor Cursor  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

Several Vulnerabilities Patched in AI Code Editor Cursor  Read More »

Google Project Zero Tackles Upstream Patch Gap With New Policy

disclosure policy, Google Project Zero, Vulnerabilities, vulnerability /

Google Project Zero Tackles Upstream Patch Gap With New Policy 2025-07-31 at 12:24 By Ionut Arghire Google Project Zero now publicly shares the discovery of a vulnerability and when its 90-day disclosure deadline expires. The post Google Project Zero Tackles Upstream Patch Gap With New Policy appeared first on SecurityWeek. This article is an excerpt

Google Project Zero Tackles Upstream Patch Gap With New Policy Read More »

Honeywell Experion PKS Flaws Allow Manipulation of Industrial Processes

Featured, Honeywell, ICS, ICS/OT, OT, SCADA, vulnerability /

Honeywell Experion PKS Flaws Allow Manipulation of Industrial Processes 2025-07-31 at 12:24 By Eduard Kovacs Honeywell has patched several critical and high-severity vulnerabilities in its Experion PKS  industrial process control and automation product. The post Honeywell Experion PKS Flaws Allow Manipulation of Industrial Processes appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Honeywell Experion PKS Flaws Allow Manipulation of Industrial Processes Read More »

Flaw in Vibe Coding Platform Base44 Exposed Private Enterprise Applications

AI, Application Security, Artificial Intelligence, Authentication Bypass, Base44, vibe coding, vulnerability, Wix /

Flaw in Vibe Coding Platform Base44 Exposed Private Enterprise Applications 2025-07-30 at 14:18 By Eduard Kovacs Base44 owner Wix quickly patched a critical authentication bypass vulnerability discovered by researchers at Wiz. The post Flaw in Vibe Coding Platform Base44 Exposed Private Enterprise Applications appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

Flaw in Vibe Coding Platform Base44 Exposed Private Enterprise Applications Read More »

Lenovo Firmware Vulnerabilities Allow Persistent Implant Deployment

Endpoint, Endpoint Security, firmware, Lenovo, SMM, vulnerability /

Lenovo Firmware Vulnerabilities Allow Persistent Implant Deployment 2025-07-29 at 20:02 By Eduard Kovacs Vulnerabilities discovered by Binarly in Lenovo devices allow privilege escalation, code execution, and security bypass. The post Lenovo Firmware Vulnerabilities Allow Persistent Implant Deployment appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Lenovo Firmware Vulnerabilities Allow Persistent Implant Deployment Read More »

Organizations Warned of Exploited PaperCut Flaw

CISA KEV, exploited, PaperCut, Vulnerabilities, vulnerability /

Organizations Warned of Exploited PaperCut Flaw 2025-07-29 at 14:52 By Ionut Arghire Threat actors are exploiting a two-year-old vulnerability in PaperCut that allows them to execute arbitrary code remotely. The post Organizations Warned of Exploited PaperCut Flaw appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Organizations Warned of Exploited PaperCut Flaw Read More »

Sploitlight: macOS Vulnerability Leaks Sensitive Information

macOS, Sploitlight, Spotlight, Vulnerabilities, vulnerability /

Sploitlight: macOS Vulnerability Leaks Sensitive Information 2025-07-29 at 14:22 By Ionut Arghire The TCC bypass could expose information cached by Apple Intelligence, including geolocation and biometric data. The post Sploitlight: macOS Vulnerability Leaks Sensitive Information appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Sploitlight: macOS Vulnerability Leaks Sensitive Information Read More »

No Patch for Flaw Exposing Hundreds of LG Cameras to Remote Hacking

camera, LG, Vulnerabilities, vulnerability /

No Patch for Flaw Exposing Hundreds of LG Cameras to Remote Hacking 2025-07-25 at 15:57 By Eduard Kovacs LG Innotek LNV5110R security cameras are affected by a vulnerability that can be exploited for unauthenticated remote code execution. The post No Patch for Flaw Exposing Hundreds of LG Cameras to Remote Hacking appeared first on SecurityWeek.

No Patch for Flaw Exposing Hundreds of LG Cameras to Remote Hacking Read More »

Mitel Patches Critical Flaw in Enterprise Communication Platform

Mitel, Vulnerabilities, vulnerability /

Mitel Patches Critical Flaw in Enterprise Communication Platform 2025-07-25 at 15:00 By Ionut Arghire An authentication bypass vulnerability in Mitel MiVoice MX-ONE could allow attackers to access user or admin accounts on the system. The post Mitel Patches Critical Flaw in Enterprise Communication Platform appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

Mitel Patches Critical Flaw in Enterprise Communication Platform Read More »

Storm-2603 spotted deploying ransomware on exploited SharePoint servers

0-day, Check Point, Don't miss, exploit, Hot stuff, Microsoft, News, SANS ISC, SharePoint, vulnerability /

Storm-2603 spotted deploying ransomware on exploited SharePoint servers 2025-07-24 at 19:03 By Zeljka Zorz One of the groups that, in the past few weeks, has been exploiting vulnerabilities in on-prem SharePoint installation has been observed deploying Warlock ransomware, Microsoft shared on Wednesday. First attack spotted on July 7th On Saturday, Microsoft announced that attackers have

Storm-2603 spotted deploying ransomware on exploited SharePoint servers Read More »

Sonicwall fixes critical flaw in SMA appliances, urges customers to check for compromise (CVE-2025-40599)

Don't miss, Google Cloud, Hot stuff, News, SonicWall, vulnerability /

Sonicwall fixes critical flaw in SMA appliances, urges customers to check for compromise (CVE-2025-40599) 2025-07-24 at 13:19 By Zeljka Zorz Sonicwall is asking customers running specific Secure Mobile Access (SMA) 100 Series devices to patch a newly uncovered vulnerability (CVE-2025-40599) as soon as possible. “While there is currently no evidence that this vulnerability is being

Sonicwall fixes critical flaw in SMA appliances, urges customers to check for compromise (CVE-2025-40599) Read More »

SonicWall Patches Critical SMA 100 Vulnerability, Warns of Recent Malware Attack

Malware, SonicWall, Vulnerabilities, vulnerability /

SonicWall Patches Critical SMA 100 Vulnerability, Warns of Recent Malware Attack 2025-07-24 at 13:18 By Ionut Arghire SonicWall advises organizations to patch SMA 100 appliances and look for IoCs associated with Overstep malware attacks. The post SonicWall Patches Critical SMA 100 Vulnerability, Warns of Recent Malware Attack appeared first on SecurityWeek. This article is an

SonicWall Patches Critical SMA 100 Vulnerability, Warns of Recent Malware Attack Read More »

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named

China APT, exploited, Government, Malware & Threats, Microsoft, SharePoint, ToolShell, vulnerability /

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named 2025-07-24 at 12:35 By Eduard Kovacs More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors. The post ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named Read More »

Maximum severity Cisco ISE vulnerabilities exploited by attackers

access control, Cisco, Don't miss, Hot stuff, identity services, News, vulnerability /

Maximum severity Cisco ISE vulnerabilities exploited by attackers 2025-07-23 at 16:20 By Zeljka Zorz One or more vulnerabilities affecting Cisco Identity Services Engine (ISE) are being exploited in the wild, Cisco has confirmed by updating the security advisory for the flaws. About the vulnerabilities The three vulnerabilities affect Cisco’s Identity Services Engine (ISE) – a

Maximum severity Cisco ISE vulnerabilities exploited by attackers Read More »

Critical Vulnerabilities Patched in Sophos Firewall

firewall, Network Security, Sophos, Vulnerabilities, vulnerability /

Critical Vulnerabilities Patched in Sophos Firewall 2025-07-23 at 14:35 By Ionut Arghire Sophos has patched five vulnerabilities in Sophos Firewall that could allow remote attackers to execute arbitrary code. The post Critical Vulnerabilities Patched in Sophos Firewall appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Critical Vulnerabilities Patched in Sophos Firewall Read More »

Hackers Start Exploiting Critical Cisco ISE Vulnerabilities

Cisco, Cisco ISE, exploited, Vulnerabilities, vulnerability /

Hackers Start Exploiting Critical Cisco ISE Vulnerabilities 2025-07-23 at 12:27 By Ionut Arghire Cisco says it is aware of attempted exploitation of critical ISE vulnerabilities leading to unauthenticated remote code execution. The post Hackers Start Exploiting Critical Cisco ISE Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Hackers Start Exploiting Critical Cisco ISE Vulnerabilities Read More »

Microsoft pins on-prem SharePoint attacks on Chinese threat actors

Check Point, China, Don't miss, exploit, Eye Security, Hot stuff, News, Palo Alto Networks, Rapid7, SentinelOne, SharePoint, Trend Micro, vulnerability /

Microsoft pins on-prem SharePoint attacks on Chinese threat actors 2025-07-22 at 18:54 By Zeljka Zorz As Microsoft continues to update its customer guidance for protecting on-prem SharePoint servers against the latest in-the-wild attacks, more security firms have begun sharing details about the ones they have detected. Most intriguingly, Check Point Research says that they observed

Microsoft pins on-prem SharePoint attacks on Chinese threat actors Read More »

Scroll to Top