vulnerability

SonicWall Patches Critical SMA 100 Vulnerability, Warns of Recent Malware Attack

Malware, SonicWall, Vulnerabilities, vulnerability /

SonicWall Patches Critical SMA 100 Vulnerability, Warns of Recent Malware Attack 2025-07-24 at 13:18 By Ionut Arghire SonicWall advises organizations to patch SMA 100 appliances and look for IoCs associated with Overstep malware attacks. The post SonicWall Patches Critical SMA 100 Vulnerability, Warns of Recent Malware Attack appeared first on SecurityWeek. This article is an […]

React to this headline:

Loading spinner

SonicWall Patches Critical SMA 100 Vulnerability, Warns of Recent Malware Attack Read More »

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named

China APT, exploited, Government, Malware & Threats, Microsoft, SharePoint, ToolShell, vulnerability /

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named 2025-07-24 at 12:35 By Eduard Kovacs More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors. The post ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named Read More »

Maximum severity Cisco ISE vulnerabilities exploited by attackers

access control, Cisco, Don't miss, Hot stuff, identity services, News, vulnerability /

Maximum severity Cisco ISE vulnerabilities exploited by attackers 2025-07-23 at 16:20 By Zeljka Zorz One or more vulnerabilities affecting Cisco Identity Services Engine (ISE) are being exploited in the wild, Cisco has confirmed by updating the security advisory for the flaws. About the vulnerabilities The three vulnerabilities affect Cisco’s Identity Services Engine (ISE) – a

React to this headline:

Loading spinner

Maximum severity Cisco ISE vulnerabilities exploited by attackers Read More »

Critical Vulnerabilities Patched in Sophos Firewall

firewall, Network Security, Sophos, Vulnerabilities, vulnerability /

Critical Vulnerabilities Patched in Sophos Firewall 2025-07-23 at 14:35 By Ionut Arghire Sophos has patched five vulnerabilities in Sophos Firewall that could allow remote attackers to execute arbitrary code. The post Critical Vulnerabilities Patched in Sophos Firewall appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Critical Vulnerabilities Patched in Sophos Firewall Read More »

Hackers Start Exploiting Critical Cisco ISE Vulnerabilities

Cisco, Cisco ISE, exploited, Vulnerabilities, vulnerability /

Hackers Start Exploiting Critical Cisco ISE Vulnerabilities 2025-07-23 at 12:27 By Ionut Arghire Cisco says it is aware of attempted exploitation of critical ISE vulnerabilities leading to unauthenticated remote code execution. The post Hackers Start Exploiting Critical Cisco ISE Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Hackers Start Exploiting Critical Cisco ISE Vulnerabilities Read More »

Microsoft pins on-prem SharePoint attacks on Chinese threat actors

Check Point, China, Don't miss, exploit, Eye Security, Hot stuff, News, Palo Alto Networks, Rapid7, SentinelOne, SharePoint, Trend Micro, vulnerability /

Microsoft pins on-prem SharePoint attacks on Chinese threat actors 2025-07-22 at 18:54 By Zeljka Zorz As Microsoft continues to update its customer guidance for protecting on-prem SharePoint servers against the latest in-the-wild attacks, more security firms have begun sharing details about the ones they have detected. Most intriguingly, Check Point Research says that they observed

React to this headline:

Loading spinner

Microsoft pins on-prem SharePoint attacks on Chinese threat actors Read More »

Vulnerabilities Expose Helmholz Industrial Routers to Hacking

Helmholz, ICS, ICS/OT, industrial router, OT, router, Vulnerabilities, vulnerability /

Vulnerabilities Expose Helmholz Industrial Routers to Hacking 2025-07-22 at 16:57 By Eduard Kovacs Several potentially serious vulnerabilities were recently found and patched in routers made by Germany-based industrial and automation solutions provider Helmholz. The existence of the security holes came to light last week, when Germany’s CERT@VDE published an advisory describing eight vulnerabilities discovered in

React to this headline:

Loading spinner

Vulnerabilities Expose Helmholz Industrial Routers to Hacking Read More »

Critical CrushFTP vulnerability exploited. Have you been targeted? (CVE-2025-54309)

CrushFTP, Don't miss, enterprise, exploit, file-sharing, Hot stuff, News, Rapid7, Shadowserver, SMBs, vulnerability /

Critical CrushFTP vulnerability exploited. Have you been targeted? (CVE-2025-54309) 2025-07-21 at 15:42 By Zeljka Zorz Unknown attackers have exploited a vulnerability (CVE-2025‑54309) in the CrushFTP enterprise file-transfer server solution to gain administrative access to vulnerable deployments. It’s currently unclear what the attackers are using this access for, but data theft looks most likely. According to

React to this headline:

Loading spinner

Critical CrushFTP vulnerability exploited. Have you been targeted? (CVE-2025-54309) Read More »

SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available

CVE-2025-53770, exploit, Featured, Microsoft, SharePoint, Threat Intelligence, Vulnerabilities, vulnerability /

SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available 2025-07-20 at 17:16 By Mike Lennon Enterprises running SharePoint servers should not wait for a fix for CVE-2025-53770 and should commence threat hunting to search for compromise immediately. The post SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the

React to this headline:

Loading spinner

SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available Read More »

Cisco Patches Another Critical ISE Vulnerability

Cisco, patch, Vulnerabilities, vulnerability /

Cisco Patches Another Critical ISE Vulnerability 2025-07-17 at 12:32 By Ionut Arghire Cisco has released patches for multiple vulnerabilities, including a critical flaw in Cisco ISE that leads to remote code execution (RCE). The post Cisco Patches Another Critical ISE Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Cisco Patches Another Critical ISE Vulnerability Read More »

VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched

patch, Pwn2Own, VMWare, Vulnerabilities, vulnerability /

VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched 2025-07-17 at 12:32 By Eduard Kovacs Four CVEs disclosed at the Pwn2Own Berlin 2025 hacking competition have been patched in VMware products. The post VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched Read More »

Oracle Patches 200 Vulnerabilities With July 2025 CPU

Oracle, patch, Vulnerabilities, vulnerability /

Oracle Patches 200 Vulnerabilities With July 2025 CPU 2025-07-17 at 10:37 By Ionut Arghire Oracle’s July 2025 Critical Patch Update contains 309 security patches that address approximately 200 unique CVEs. The post Oracle Patches 200 Vulnerabilities With July 2025 CPU appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Oracle Patches 200 Vulnerabilities With July 2025 CPU Read More »

SonicWall SMA devices persistently infected with stealthy OVERSTEP backdoor and rootkit

backdoor, credentials, Don't miss, Google, Hot stuff, Mandiant, News, SonicWall, vulnerability /

SonicWall SMA devices persistently infected with stealthy OVERSTEP backdoor and rootkit 2025-07-16 at 20:54 By Zeljka Zorz Unknown intruders are targeting fully patched end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances and deploying a novel, persistent backdoor / rootkit, analysts with Google’s Threat Intelligence Group (GTIG) have warned. The analysts say UNC6148 – as

React to this headline:

Loading spinner

SonicWall SMA devices persistently infected with stealthy OVERSTEP backdoor and rootkit Read More »

Google Says AI Agent Thwarted Exploitation of Critical Vulnerability 

AI, Artificial Intelligence, Big Sleep, SQLite, Vulnerabilities, vulnerability /

Google Says AI Agent Thwarted Exploitation of Critical Vulnerability  2025-07-16 at 14:47 By Eduard Kovacs Google refused to share any details on how its Big Sleep AI foiled efforts to exploit a SQLite vulnerability in the wild. The post Google Says AI Agent Thwarted Exploitation of Critical Vulnerability  appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Google Says AI Agent Thwarted Exploitation of Critical Vulnerability  Read More »

Vulnerable firmware for Gigabyte motherboards could allow bootkit installation

Binarly, bootkit, consumer, Don't miss, firmware, Gigabyte, Hot stuff, News, security update, vulnerability /

Vulnerable firmware for Gigabyte motherboards could allow bootkit installation 2025-07-15 at 16:19 By Zeljka Zorz UEFI firmware running on 100+ Gigabyte motherboard models is affected by memory corruption vulnerabilities that may allow attackers to install persistent and difficult-to-detect bootkits (i.e., malware designed to infect the computer’s boot process). “While AMI (the original firmware supplier) has

React to this headline:

Loading spinner

Vulnerable firmware for Gigabyte motherboards could allow bootkit installation Read More »

Google Gemini Tricked Into Showing Phishing Message Hidden in Email 

AI jailbreak, Artificial Intelligence, Google Gemini, prompt injection, vulnerability /

Google Gemini Tricked Into Showing Phishing Message Hidden in Email  2025-07-14 at 17:04 By Eduard Kovacs Google Gemini for Workspace can be tricked into displaying a phishing message when asked to summarize an email. The post Google Gemini Tricked Into Showing Phishing Message Hidden in Email  appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Google Gemini Tricked Into Showing Phishing Message Hidden in Email  Read More »

Exploits for unauthenticated FortiWeb RCE are public, so patch quickly! (CVE-2025-25257)

Don't miss, exploit, Fortinet, Hot stuff, News, PoC, Rapid7, vulnerability, WatchTowr, web application security /

Exploits for unauthenticated FortiWeb RCE are public, so patch quickly! (CVE-2025-25257) 2025-07-14 at 16:34 By Zeljka Zorz With two proof-of-concept (PoC) exploits made public late last week, CVE-2025-25257 – a critical SQL command injection vulnerability in Fortinet’s FortiWeb web application firewall – is expected to be leveraged by attackers soon. About CVE-2025-25257 CVE-2025-25257 is found

React to this headline:

Loading spinner

Exploits for unauthenticated FortiWeb RCE are public, so patch quickly! (CVE-2025-25257) Read More »

Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment

backdoor, Endpoint Security, firmware, Gigabyte, secure boot, vulnerability /

Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment 2025-07-14 at 14:54 By Ionut Arghire Vulnerabilities in Gigabyte firmware implementations could allow attackers to disable Secure Boot and execute code during the early boot phase. The post Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment Read More »

Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812)

Censys, Don't miss, exploit, file-sharing, Hot stuff, Huntress, MSP, News, PoC, RCE Security, SMBs, vulnerability, Wing FTP server /

Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812) 2025-07-11 at 15:32 By Zeljka Zorz Threat actors are actively exploiting a recently fixed remote code execution vulnerability (CVE-2025-47812) in Wing FTP Server, security researchers have warned. Wing FTP Server and CVE-2025-47812 Wing FTP Server is a commercial file transfer server solution used by businesses,

React to this headline:

Loading spinner

Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812) Read More »

McDonald’s Chatbot Recruitment Platform Leaked 64 Million Job Applications

data breach, Data Breaches, Data leak, McDonald's, vulnerability /

McDonald’s Chatbot Recruitment Platform Leaked 64 Million Job Applications 2025-07-11 at 13:01 By Ionut Arghire Two vulnerabilities in an internal API allowed unauthorized access to contacts and chats, exposing the information of 64 million McDonald’s applicants. The post McDonald’s Chatbot Recruitment Platform Leaked 64 Million Job Applications appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

McDonald’s Chatbot Recruitment Platform Leaked 64 Million Job Applications Read More »

Scroll to Top