vulnerability

Vulnerabilities in MSP-friendly RMM solution exploited in the wild (CVE-2025-8875, CVE-2025-8876)

0-day, CISA, Don't miss, Hot stuff, MSP, N-able, News, remote management, vulnerability /

Vulnerabilities in MSP-friendly RMM solution exploited in the wild (CVE-2025-8875, CVE-2025-8876) 2025-08-14 at 13:33 By Zeljka Zorz Two vulnerabilities (CVE-2025-8875, CVE-2025-8876) in N-central, a remote monitoring and management (RMM) solution by N-able that’s popular with managed service providers, are being exploited by attackers. There are no public reports of exploitation, but the confirmation came from […]

React to this headline:

Loading spinner

Vulnerabilities in MSP-friendly RMM solution exploited in the wild (CVE-2025-8875, CVE-2025-8876) Read More »

Croatian research institute confirms ransomware attack via ToolShell vulnerabilities

Croatia, Don't miss, Europe, Hot stuff, News, Ransomware, SharePoint, vulnerability /

Croatian research institute confirms ransomware attack via ToolShell vulnerabilities 2025-08-13 at 18:01 By Zeljka Zorz The Ruđer Bošković Institute (RBI), the largest Croatian science and technology research institute, has confirmed that it was the one of “at least 9,000 institutions worldwide” that were attacked using the Microsoft SharePoint “ToolShell” vulnerabilities. The attack happened on Thursday,

React to this headline:

Loading spinner

Croatian research institute confirms ransomware attack via ToolShell vulnerabilities Read More »

Chipmaker Patch Tuesday: Many Vulnerabilities Addressed by Intel, AMD, Nvidia

Chipmaker Patch Tuesday, CPU, Featured, patch, Patch Tuesday, Vulnerabilities, vulnerability /

Chipmaker Patch Tuesday: Many Vulnerabilities Addressed by Intel, AMD, Nvidia 2025-08-13 at 15:35 By Eduard Kovacs Intel, AMD and Nvidia have published security advisories describing vulnerabilities found recently in their products. The post Chipmaker Patch Tuesday: Many Vulnerabilities Addressed by Intel, AMD, Nvidia appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Chipmaker Patch Tuesday: Many Vulnerabilities Addressed by Intel, AMD, Nvidia Read More »

Microsoft Patches Over 100 Vulnerabilities

Microsoft, patch, Patch Tuesday, Vulnerabilities, vulnerability /

Microsoft Patches Over 100 Vulnerabilities 2025-08-13 at 07:02 By Eduard Kovacs Microsoft’s August 2025 Patch Tuesday updates address critical vulnerabilities in Windows, Office, and Hyper-V. The post Microsoft Patches Over 100 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Microsoft Patches Over 100 Vulnerabilities Read More »

CodeSecCon Is Today: Where Software Security’s Next Chapter Unfolds (Virtual Event)

Application Security, Featured, Vulnerabilities, vulnerability /

CodeSecCon Is Today: Where Software Security’s Next Chapter Unfolds (Virtual Event) 2025-08-12 at 15:35 By SecurityWeek News Taking place August 12-13, CodeSecCon is the premier virtual event bringing together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained. The post CodeSecCon Is Today: Where Software Security’s Next Chapter Unfolds (Virtual

React to this headline:

Loading spinner

CodeSecCon Is Today: Where Software Security’s Next Chapter Unfolds (Virtual Event) Read More »

SAP Patches Critical S/4HANA Vulnerability

patch, Patch Tuesday, SAP, Vulnerabilities, vulnerability /

SAP Patches Critical S/4HANA Vulnerability 2025-08-12 at 14:42 By Eduard Kovacs SAP has released 15 new security notes on the August 2025 Patch Tuesday, including for critical vulnerabilities. The post SAP Patches Critical S/4HANA Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

SAP Patches Critical S/4HANA Vulnerability Read More »

Chrome Sandbox Escape Earns Researcher $250,000

bug bounty, bug bounty program, Chrome, sandbox escape, Vulnerabilities, vulnerability /

Chrome Sandbox Escape Earns Researcher $250,000 2025-08-11 at 17:17 By Eduard Kovacs A researcher has been given the highest reward in Google’s Chrome bug bounty program for a sandbox escape with remote code execution. The post Chrome Sandbox Escape Earns Researcher $250,000 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Chrome Sandbox Escape Earns Researcher $250,000 Read More »

Win-DDoS: Attackers can turn public domain controllers into DDoS agents

DDoS, Don't miss, DoS, enterprise, Hot stuff, News, SafeBreach, vulnerability, Windows, Windows Server /

Win-DDoS: Attackers can turn public domain controllers into DDoS agents 2025-08-11 at 16:02 By Zeljka Zorz SafeBreach researchers have released details on several vulnerabilities that could be exploited by attackers to crash Windows Active Directory domain controllers (DCs), one one of which (CVE-2025-32724) can also be leveraged to force public DCs to participate in distributed

React to this headline:

Loading spinner

Win-DDoS: Attackers can turn public domain controllers into DDoS agents Read More »

WinRAR zero day exploited by RomCom hackers in targeted attacks

backdoor, CVE, cybersecurity, ESET, News, software, vulnerability, WinRAR /

WinRAR zero day exploited by RomCom hackers in targeted attacks 2025-08-11 at 12:55 By Sinisa Markovic ESET researchers have discovered a previously unknown vulnerability in WinRAR, exploited in the wild by Russia-aligned group RomCom. If you use WinRAR or related components such as the Windows versions of its command line tools, UnRAR.dll, or the portable

React to this headline:

Loading spinner

WinRAR zero day exploited by RomCom hackers in targeted attacks Read More »

CodeSecCon 2025: Where Software Security’s Next Chapter Unfolds

Application Security, Featured, Vulnerabilities, vulnerability /

CodeSecCon 2025: Where Software Security’s Next Chapter Unfolds 2025-08-08 at 19:52 By SecurityWeek News Taking place August 12-13, CodeSecCon is the premier virtual event bringing together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained. The post CodeSecCon 2025: Where Software Security’s Next Chapter Unfolds appeared first on SecurityWeek. This

React to this headline:

Loading spinner

CodeSecCon 2025: Where Software Security’s Next Chapter Unfolds Read More »

SonicWall: Attackers did not exploit zero-day vulnerability to compromise Gen 7 firewalls

Don't miss, firewall, GuidePoint Security, Hot stuff, Huntress, News, SonicWall, vulnerability /

SonicWall: Attackers did not exploit zero-day vulnerability to compromise Gen 7 firewalls 2025-08-07 at 14:34 By Zeljka Zorz Akira ransomware affiliates are not leveraging an unknown, zero-day vulnerability in SonicWall Gen 7 firewalls to breach corporate networks, the security vendor shared today. “Instead, there is a significant correlation with threat activity related to CVE-2024-40766, which

React to this headline:

Loading spinner

SonicWall: Attackers did not exploit zero-day vulnerability to compromise Gen 7 firewalls Read More »

Organizations Warned of Vulnerability in Microsoft Exchange Hybrid Deployment

hybrid, Microsoft Exchange, Vulnerabilities, vulnerability /

Organizations Warned of Vulnerability in Microsoft Exchange Hybrid Deployment 2025-08-07 at 14:23 By Eduard Kovacs CISA and Microsoft have issued advisories for CVE-2025-53786, a high-severity flaw allowing privilege escalation in cloud environments.  The post Organizations Warned of Vulnerability in Microsoft Exchange Hybrid Deployment appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Organizations Warned of Vulnerability in Microsoft Exchange Hybrid Deployment Read More »

Adobe patches critical Adobe Experience Manager Forms vulnerabilities with public PoC

Adobe, Don't miss, Hot stuff, News, PoC, Searchlight Cyber, security update, vulnerability /

Adobe patches critical Adobe Experience Manager Forms vulnerabilities with public PoC 2025-08-06 at 16:33 By Zeljka Zorz Adobe has released an emergency security update for Adobe Experience Manager Forms on Java Enterprise Edition (JEE), which fix two critical vulnerabilities (CVE-2025-54253, CVE-2025-54254) with a publicly available proof-of-concept (PoC) exploit. Details about the flaws have been public

React to this headline:

Loading spinner

Adobe patches critical Adobe Experience Manager Forms vulnerabilities with public PoC Read More »

Trend Micro Apex One flaws exploted in the wild (CVE-2025-54948, CVE-2025-54987)

Don't miss, Endpoint Security, enterprise, Hot stuff, News, SMBs, Trend Micro, vulnerability /

Trend Micro Apex One flaws exploted in the wild (CVE-2025-54948, CVE-2025-54987) 2025-08-06 at 15:05 By Zeljka Zorz Unauthenticated command injection vulnerabilities (CVE-2025-54948, CVE-2025-54987) affecting the on-premise version of Trend Micro’s Apex One endpoint security platform are being probed by attackers, the company has warned on Wednesday. Unfortunately for those organizations that use it, a patch

React to this headline:

Loading spinner

Trend Micro Apex One flaws exploted in the wild (CVE-2025-54948, CVE-2025-54987) Read More »

Flaws Expose 100 Dell Laptop Models to Implants, Windows Login Bypass

Authentication Bypass, Dell, Endpoint Security, Featured, firmware, laptop, Revault, vulnerability /

Flaws Expose 100 Dell Laptop Models to Implants, Windows Login Bypass 2025-08-06 at 14:57 By Ionut Arghire ReVault vulnerabilities in the ControlVault3 firmware in Dell laptops could lead to firmware modifications or Windows login bypass. The post Flaws Expose 100 Dell Laptop Models to Implants, Windows Login Bypass appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Flaws Expose 100 Dell Laptop Models to Implants, Windows Login Bypass Read More »

Adobe Issues Out-of-Band Patches for AEM Forms Vulnerabilities With Public PoC

Adobe, AEM Forms, PoC, Vulnerabilities, vulnerability /

Adobe Issues Out-of-Band Patches for AEM Forms Vulnerabilities With Public PoC 2025-08-06 at 13:18 By Ionut Arghire Adobe has released urgent security updates to resolve two AEM Forms vulnerabilities for which proof-of-concept (PoC) code exists. The post Adobe Issues Out-of-Band Patches for AEM Forms Vulnerabilities With Public PoC appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Adobe Issues Out-of-Band Patches for AEM Forms Vulnerabilities With Public PoC Read More »

Millions of Dell laptops could be persistently backdoored in ReVault attacks

Broadcom, Cisco, Dell, Don't miss, Endpoint Security, firmware, hardware, Hot stuff, News, vulnerability /

Millions of Dell laptops could be persistently backdoored in ReVault attacks 2025-08-05 at 21:19 By Zeljka Zorz A set of firmware vulnerabilities affecting 100+ Dell laptop models widely used in government settings and by the cybersecurity industry could allow attackers to achieve persistent access even across Windows reinstalls, Cisco Talos researchers have discovered. About the

React to this headline:

Loading spinner

Millions of Dell laptops could be persistently backdoored in ReVault attacks Read More »

Nvidia Triton Vulnerabilities Pose Big Risk to AI Models

AI, Artificial Intelligence, NVIDIA, Triton Inference Server, Vulnerabilities, vulnerability /

Nvidia Triton Vulnerabilities Pose Big Risk to AI Models 2025-08-04 at 21:22 By Eduard Kovacs Nvidia has patched over a dozen vulnerabilities in Triton Inference Server, including another set of vulnerabilities that threaten AI systems.  The post Nvidia Triton Vulnerabilities Pose Big Risk to AI Models appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Nvidia Triton Vulnerabilities Pose Big Risk to AI Models Read More »

Several Vulnerabilities Patched in AI Code Editor Cursor 

Cursor, Vulnerabilities, vulnerability /

Several Vulnerabilities Patched in AI Code Editor Cursor  2025-08-04 at 13:24 By Ionut Arghire Attackers could silently modify sensitive MCP files to trigger the execution of arbitrary code without requiring user approval. The post Several Vulnerabilities Patched in AI Code Editor Cursor  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Several Vulnerabilities Patched in AI Code Editor Cursor  Read More »

Google Project Zero Tackles Upstream Patch Gap With New Policy

disclosure policy, Google Project Zero, Vulnerabilities, vulnerability /

Google Project Zero Tackles Upstream Patch Gap With New Policy 2025-07-31 at 12:24 By Ionut Arghire Google Project Zero now publicly shares the discovery of a vulnerability and when its 90-day disclosure deadline expires. The post Google Project Zero Tackles Upstream Patch Gap With New Policy appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Google Project Zero Tackles Upstream Patch Gap With New Policy Read More »

Scroll to Top