vulnerability

Critical Cisco ISE Vulnerabilities Allow Remote Code Execution 

Critical Cisco ISE Vulnerabilities Allow Remote Code Execution  2025-06-26 at 12:02 By Ionut Arghire Two critical vulnerabilities in Cisco ISE could allow remote attackers to execute arbitrary code with root privileges. The post Critical Cisco ISE Vulnerabilities Allow Remote Code Execution  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Critical Cisco ISE Vulnerabilities Allow Remote Code Execution  Read More »

Flaw in Notepad++ installer could grant attackers SYSTEM access (CVE-2025-49144)

Flaw in Notepad++ installer could grant attackers SYSTEM access (CVE-2025-49144) 2025-06-26 at 00:15 By Zeljka Zorz A high-severity vulnerability (CVE-2025-49144) in the Notepad++ installer could be exploited by unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. There is currently no indication that the vulnerability is being leveraged by attackers, though technical details

React to this headline:

Loading spinner

Flaw in Notepad++ installer could grant attackers SYSTEM access (CVE-2025-49144) Read More »

New Vulnerabilities Expose Millions of Brother Printers to Hacking

New Vulnerabilities Expose Millions of Brother Printers to Hacking 2025-06-25 at 14:21 By Eduard Kovacs Rapid7 has found several serious vulnerabilities affecting over 700 printer models from Brother and other vendors.  The post New Vulnerabilities Expose Millions of Brother Printers to Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

New Vulnerabilities Expose Millions of Brother Printers to Hacking Read More »

Code Execution Vulnerability Patched in GitHub Enterprise Server

Code Execution Vulnerability Patched in GitHub Enterprise Server 2025-06-25 at 14:21 By Ionut Arghire A high-severity vulnerability in GitHub Enterprise Server could have allowed remote attackers to execute arbitrary code. The post Code Execution Vulnerability Patched in GitHub Enterprise Server appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Code Execution Vulnerability Patched in GitHub Enterprise Server Read More »

Chrome 138, Firefox 140 Patch Multiple Vulnerabilities

Chrome 138, Firefox 140 Patch Multiple Vulnerabilities 2025-06-25 at 13:18 By Ionut Arghire Chrome 138 and Firefox 140 are rolling out with fixes for two dozen vulnerabilities, including high-severity memory safety issues. The post Chrome 138, Firefox 140 Patch Multiple Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Chrome 138, Firefox 140 Patch Multiple Vulnerabilities Read More »

High-risk WinRAR RCE vulnerability patched, update quickly! (CVE-2025-6218)

High-risk WinRAR RCE vulnerability patched, update quickly! (CVE-2025-6218) 2025-06-24 at 12:45 By Zeljka Zorz A recently patched directory traversal vulnerability (CVE-2025-6218) in WinRAR could be leveraged by remote attackers to execute arbitrary code on affected installations. The vulnerability has been patched in WinRAR 7.12 beta 1, released on June 10, 2025, and users are advised

React to this headline:

Loading spinner

High-risk WinRAR RCE vulnerability patched, update quickly! (CVE-2025-6218) Read More »

Critical Authentication Bypass Flaw Patched in Teleport

Critical Authentication Bypass Flaw Patched in Teleport 2025-06-23 at 14:50 By Ionut Arghire A critical-severity vulnerability in Teleport could allow remote attackers to bypass SSH authentication and access managed systems. The post Critical Authentication Bypass Flaw Patched in Teleport appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Critical Authentication Bypass Flaw Patched in Teleport Read More »

Critical Citrix NetScaler bug fixed, upgrade ASAP! (CVE-2025-5777)

Critical Citrix NetScaler bug fixed, upgrade ASAP! (CVE-2025-5777) 2025-06-23 at 14:14 By Zeljka Zorz Citrix has fixed a critical vulnerability (CVE-2025-5777) in NetScaler ADC and NetScaler Gateway reminiscent of the infamous and widely exploited CitrixBleed flaw. The vulnerabilities have been privately disclosed and there is no indication that they are under active exploitation. Nevertheless, the

React to this headline:

Loading spinner

Critical Citrix NetScaler bug fixed, upgrade ASAP! (CVE-2025-5777) Read More »

Motors Theme Vulnerability Exploited to Hack WordPress Websites

Motors Theme Vulnerability Exploited to Hack WordPress Websites 2025-06-20 at 14:22 By Ionut Arghire Threat actors are exploiting a critical-severity vulnerability in Motors theme for WordPress to change arbitrary user passwords. The post Motors Theme Vulnerability Exploited to Hack WordPress Websites appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Motors Theme Vulnerability Exploited to Hack WordPress Websites Read More »

High-Severity Vulnerabilities Patched by Cisco, Atlassian

High-Severity Vulnerabilities Patched by Cisco, Atlassian 2025-06-19 at 11:47 By Ionut Arghire Cisco has resolved a high-severity vulnerability in Meraki MX and Meraki Z devices. Atlassian pushed patches for multiple third-party dependencies. The post High-Severity Vulnerabilities Patched by Cisco, Atlassian appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

High-Severity Vulnerabilities Patched by Cisco, Atlassian Read More »

Gerrit Misconfiguration Exposed Google Projects to Malicious Code Injection

Gerrit Misconfiguration Exposed Google Projects to Malicious Code Injection 2025-06-18 at 20:11 By Ionut Arghire Misconfigured permissions in Google’s Gerrit code collaboration platform could have led to the compromise of ChromiumOS and other Google projects. The post Gerrit Misconfiguration Exposed Google Projects to Malicious Code Injection appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Gerrit Misconfiguration Exposed Google Projects to Malicious Code Injection Read More »

Critical Vulnerability Patched in Citrix NetScaler

Critical Vulnerability Patched in Citrix NetScaler 2025-06-18 at 16:20 By Ionut Arghire Citrix has released patches for critical- and high-severity vulnerabilities in NetScaler and Secure Access Client and Workspace for Windows. The post Critical Vulnerability Patched in Citrix NetScaler appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Critical Vulnerability Patched in Citrix NetScaler Read More »

Linux Security: New Flaws Allow Root Access, CISA Warns of Old Bug Exploitation

Linux Security: New Flaws Allow Root Access, CISA Warns of Old Bug Exploitation 2025-06-18 at 15:33 By Eduard Kovacs Qualys has disclosed two Linux vulnerabilities that can be chained for full root access, and CISA added a flaw to its KEV catalog. The post Linux Security: New Flaws Allow Root Access, CISA Warns of Old

React to this headline:

Loading spinner

Linux Security: New Flaws Allow Root Access, CISA Warns of Old Bug Exploitation Read More »

Chaining two LPEs to get “root”: Most Linux distros vulnerable (CVE-2025-6018, CVE-2025-6019)

Chaining two LPEs to get “root”: Most Linux distros vulnerable (CVE-2025-6018, CVE-2025-6019) 2025-06-18 at 14:49 By Zeljka Zorz Qualys researchers have unearthed two local privilege escalation vulnerabilities (CVE-2025-6018, CVE-2025-6019) that can be exploited in tandem to achieve root access on most Linux distributions “with minimal effort.” About the vulnerabilities (CVE-2025-6018, CVE-2025-6019) CVE-2025-6018 affects the Pluggable

React to this headline:

Loading spinner

Chaining two LPEs to get “root”: Most Linux distros vulnerable (CVE-2025-6018, CVE-2025-6019) Read More »

Chrome 137 Update Patches High-Severity Vulnerabilities

Chrome 137 Update Patches High-Severity Vulnerabilities 2025-06-18 at 12:52 By Ionut Arghire Google has released a Chrome 137 update to resolve two memory bugs in the browser’s V8 and Profiler components. The post Chrome 137 Update Patches High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Chrome 137 Update Patches High-Severity Vulnerabilities Read More »

Code Execution Vulnerabilities Patched in Veeam, BeyondTrust Products

Code Execution Vulnerabilities Patched in Veeam, BeyondTrust Products 2025-06-18 at 11:45 By Ionut Arghire Veeam and BeyondTrust have resolved several vulnerabilities that could be exploited for remote code execution. The post Code Execution Vulnerabilities Patched in Veeam, BeyondTrust Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Code Execution Vulnerabilities Patched in Veeam, BeyondTrust Products Read More »

Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers

Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers 2025-06-17 at 14:01 By Ionut Arghire CISA warns that a vulnerability impacting multiple discontinued TP-Link router models is exploited in the wild. The post Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers Read More »

Asus Armoury Crate Vulnerability Leads to Full System Compromise

Asus Armoury Crate Vulnerability Leads to Full System Compromise 2025-06-17 at 12:49 By Ionut Arghire A high-severity authorization bypass vulnerability in Asus Armoury Crate provides attackers with low-level system privileges. The post Asus Armoury Crate Vulnerability Leads to Full System Compromise appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Asus Armoury Crate Vulnerability Leads to Full System Compromise Read More »

iOS zero-click attacks used to deliver Graphite spyware (CVE-2025-43200)

iOS zero-click attacks used to deliver Graphite spyware (CVE-2025-43200) 2025-06-13 at 15:22 By Zeljka Zorz A zero-click attack leveraging a freshly disclosed Messages vulnerability (CVE-2025-43200) has infected the iPhones of two European journalists with Paragon’s Graphite mercenary spyware, Citizen Lab researchers have revealed on Thursday. The attacks happened in January and early February 2025. “We

React to this headline:

Loading spinner

iOS zero-click attacks used to deliver Graphite spyware (CVE-2025-43200) Read More »

Scroll to Top