Vulnerabilities Patched in Atlassian, Cisco Products 2025-04-17 at 16:52 By Ionut Arghire Atlassian and Cisco have released patches for multiple high-severity vulnerabilities, including remote code execution bugs. The post Vulnerabilities Patched in Atlassian, Cisco Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Vulnerabilities Patched in Atlassian, Cisco Products Read More »
Critical Erlang/OTP SSH Flaw Exposes Many Devices to Remote Hacking 2025-04-17 at 15:19 By Eduard Kovacs Servers exposed to complete takeover due to CVE-2025-32433, an unauthenticated remote code execution flaw in Erlang/OTP SSH. The post Critical Erlang/OTP SSH Flaw Exposes Many Devices to Remote Hacking appeared first on SecurityWeek. This article is an excerpt from
Critical Erlang/OTP SSH Flaw Exposes Many Devices to Remote Hacking Read More »
SonicWall Flags Old Vulnerability as Actively Exploited 2025-04-17 at 14:05 By Eduard Kovacs A SonicWall SMA 100 series vulnerability patched in 2021, which went unnoticed at the time of patching, is being exploited in the wild. The post SonicWall Flags Old Vulnerability as Actively Exploited appeared first on SecurityWeek. This article is an excerpt from
SonicWall Flags Old Vulnerability as Actively Exploited Read More »
Critical Vulnerability Found in Apache Roller Blog Server 2025-04-16 at 14:44 By Ionut Arghire A critical vulnerability in Apache Roller could be used to maintain persistent access by reusing older sessions even after password changes. The post Critical Vulnerability Found in Apache Roller Blog Server appeared first on SecurityWeek. This article is an excerpt from
Critical Vulnerability Found in Apache Roller Blog Server Read More »
Chrome 135, Firefox 137 Updates Patch Severe Vulnerabilities 2025-04-16 at 14:01 By Ionut Arghire Chrome 135 and Firefox 137 updates have been rolled out with patches for critical- and high-severity vulnerabilities. The post Chrome 135, Firefox 137 Updates Patch Severe Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Chrome 135, Firefox 137 Updates Patch Severe Vulnerabilities Read More »
Critical flaws fixed in Nagios Log Server 2025-04-15 at 13:47 By Zeljka Zorz The Nagios Security Team has fixed three critical vulnerabilities affecting popular enterprise log management and analysis platform Nagios Log Server. About the flaws The vulnerabilities, discovered and reported by security researchers Seth Kraft and Alex Tisdale, include: 1. A stored XSS vulnerability
Critical flaws fixed in Nagios Log Server Read More »
Hackers exploit old FortiGate vulnerabilities, use symlink trick to retain limited access to patched devices 2025-04-11 at 21:05 By Zeljka Zorz A threat actor that has been using known old FortiOS vulnerabilities to breach FortiGate devices for years has also been leveraging a clever trick to maintain undetected read-only access to them after the original
SonicWall Patches High-Severity Vulnerability in NetExtender 2025-04-11 at 14:18 By Ionut Arghire SonicWall has released fixes for three vulnerabilities in NetExtender for Windows, including a high-severity bug. The post SonicWall Patches High-Severity Vulnerability in NetExtender appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
SonicWall Patches High-Severity Vulnerability in NetExtender Read More »
Juniper Networks Patches Dozens of Junos Vulnerabilities 2025-04-10 at 16:46 By Ionut Arghire Juniper Networks has patched two dozen vulnerabilities in Junos OS and Junos OS Evolved, and dozens of flaws in Junos Space third-party dependencies. The post Juniper Networks Patches Dozens of Junos Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from
Juniper Networks Patches Dozens of Junos Vulnerabilities Read More »
Study Identifies 20 Most Vulnerable Connected Devices of 2025 2025-04-10 at 15:03 By Ionut Arghire Routers are the riskiest devices in enterprise networks as they contain the most critical vulnerabilities, a new Forescout report shows. The post Study Identifies 20 Most Vulnerable Connected Devices of 2025 appeared first on SecurityWeek. This article is an excerpt
Study Identifies 20 Most Vulnerable Connected Devices of 2025 Read More »
FortiSwitch vulnerability may give attackers control over vulnerable devices (CVE-2024-48887) 2025-04-10 at 13:18 By Zeljka Zorz Fortinet has released patches for flaws affecting many of its products, among them a critical vulnerability (CVE-2024-48887) in its FortiSwitch appliances that could allow unauthenticated attackers to gain access to and administrative privileges on vulnerable devices. About CVE-2024-48887 Fortinet
WhatsApp vulnerability could be used to infect Windows users with malware (CVE-2025-30401) 2025-04-09 at 16:00 By Zeljka Zorz WhatsApp users are urged to update the Windows client app to plug a serious security vulnerability (CVE-2025-30401) that may allow attackers to trick users into running malicious code. Meta classifies the vulnerability as a spoofing issue that
Fortinet Patches Critical FortiSwitch Vulnerability 2025-04-09 at 13:43 By Ionut Arghire Fortinet fixes a critical-severity bug in FortiSwitch that could allow an attacker to modify administrative passwords. The post Fortinet Patches Critical FortiSwitch Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Fortinet Patches Critical FortiSwitch Vulnerability Read More »
SAP Patches Critical Code Injection Vulnerabilities 2025-04-08 at 16:29 By Ionut Arghire SAP released 20 security notes on April 2025 patch day, including three addressing critical code injection and authentication bypass flaws. The post SAP Patches Critical Code Injection Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
SAP Patches Critical Code Injection Vulnerabilities Read More »
WhatsApp Vulnerability Could Facilitate Remote Code Execution 2025-04-08 at 16:29 By Eduard Kovacs An update for the WhatsApp desktop app for Windows patches CVE-2025-30401, a spoofing vulnerability that could be used to trick users. The post WhatsApp Vulnerability Could Facilitate Remote Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View
WhatsApp Vulnerability Could Facilitate Remote Code Execution Read More »
ESET Vulnerability Exploited for Stealthy Malware Execution 2025-04-08 at 15:32 By Ionut Arghire A sophisticated APT tracked as ToddyCat has exploited an ESET DLL search order hijacking vulnerability for malware delivery. The post ESET Vulnerability Exploited for Stealthy Malware Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
ESET Vulnerability Exploited for Stealthy Malware Execution Read More »
Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk 2025-04-08 at 13:58 By Ionut Arghire More than 5,000 Ivanti Connect Secure appliances are vulnerable to attacks exploiting CVE-2025-22457, which has been used by Chinese hackers. The post Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk appeared first on SecurityWeek. This article is an excerpt
Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk Read More »
WinRAR MotW bypass flaw fixed, update ASAP (CVE-2025-31334) 2025-04-07 at 14:36 By Zeljka Zorz WinRAR users, upgrade your software as soon as possible: a vulnerability (CVE-2025-31334) that could allow attackers to bypass Windows’ Mark of the Web (MotW) security warning and execute arbitrary code on your machine has been fixed in version 7.11. About CVE-2025-31334
WinRAR MotW bypass flaw fixed, update ASAP (CVE-2025-31334) Read More »
Call Records of Millions Exposed by Verizon App Vulnerability 2025-04-04 at 19:00 By Eduard Kovacs A patch has been released for a serious information disclosure vulnerability affecting a Verizon call filtering application. The post Call Records of Millions Exposed by Verizon App Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View
Call Records of Millions Exposed by Verizon App Vulnerability Read More »
Critical Apache Parquet Vulnerability Leads to Remote Code Execution 2025-04-04 at 13:18 By Ionut Arghire A critical vulnerability in Apache Parquet can be exploited to execute arbitrary code remotely, leading to complete system compromise. The post Critical Apache Parquet Vulnerability Leads to Remote Code Execution appeared first on SecurityWeek. This article is an excerpt from
Critical Apache Parquet Vulnerability Leads to Remote Code Execution Read More »