vulnerability

Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking

Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking 2025-06-13 at 11:33 By Eduard Kovacs Mitel has announced patches for a MiCollab path traversal vulnerability that can be exploited remotely without authentication. The post Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking appeared first on SecurityWeek. This article is an excerpt from […]

React to this headline:

Loading spinner

Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking Read More »

Palo Alto Networks Patches Privilege Escalation Vulnerabilities

Palo Alto Networks Patches Privilege Escalation Vulnerabilities 2025-06-12 at 11:35 By Ionut Arghire Palo Alto Networks has released patches for seven vulnerabilities and incorporated the latest Chrome fixes in its products. The post Palo Alto Networks Patches Privilege Escalation Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Palo Alto Networks Patches Privilege Escalation Vulnerabilities Read More »

Fortinet, Ivanti Patch High-Severity Vulnerabilities

Fortinet, Ivanti Patch High-Severity Vulnerabilities 2025-06-11 at 15:48 By Ionut Arghire Patches released by Fortinet and Ivanti resolve over a dozen vulnerabilities, including high-severity flaws leading to code execution, credential leaks. The post Fortinet, Ivanti Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Fortinet, Ivanti Patch High-Severity Vulnerabilities Read More »

Chrome, Firefox Updates Resolve High-Severity Memory Bugs

Chrome, Firefox Updates Resolve High-Severity Memory Bugs 2025-06-11 at 13:33 By Ionut Arghire Google and Mozilla have released patches for a combined total of four high-severity memory bugs in Chrome and Firefox. The post Chrome, Firefox Updates Resolve High-Severity Memory Bugs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Chrome, Firefox Updates Resolve High-Severity Memory Bugs Read More »

Critical Vulnerability Patched in SAP NetWeaver

Critical Vulnerability Patched in SAP NetWeaver 2025-06-10 at 14:09 By Ionut Arghire SAP has fixed a critical NetWeaver vulnerability allowing attackers to bypass authorization checks and escalate their privileges. The post Critical Vulnerability Patched in SAP NetWeaver appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Critical Vulnerability Patched in SAP NetWeaver Read More »

Unpatched Wazuh servers targeted by Mirai botnets (CVE-2025-24016)

Unpatched Wazuh servers targeted by Mirai botnets (CVE-2025-24016) 2025-06-10 at 13:31 By Zeljka Zorz Two Mirai botnets are exploiting a critical remote code execution vulnerability (CVE-2025-24016) in the open-source Wazuh XDR/SIEM platform, Akamai researchers have warned. What is Wazuh? Wazuh is a popular open-source security information and event management (SIEM) and extended detection and response

React to this headline:

Loading spinner

Unpatched Wazuh servers targeted by Mirai botnets (CVE-2025-24016) Read More »

Exploited Vulnerability Impacts Over 80,000 Roundcube Servers

Exploited Vulnerability Impacts Over 80,000 Roundcube Servers 2025-06-10 at 12:49 By Ionut Arghire Exploitation of a critical-severity RCE vulnerability in Roundcube started only days after a patch was released. The post Exploited Vulnerability Impacts Over 80,000 Roundcube Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this

React to this headline:

Loading spinner

Exploited Vulnerability Impacts Over 80,000 Roundcube Servers Read More »

Vulnerabilities Exposed Phone Number of Any Google User

Vulnerabilities Exposed Phone Number of Any Google User 2025-06-10 at 12:01 By Eduard Kovacs Google has awarded $5,000 to a researcher who found security holes that enabled brute-forcing the phone number of any user.  The post Vulnerabilities Exposed Phone Number of Any Google User appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Vulnerabilities Exposed Phone Number of Any Google User Read More »

Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113)

Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113) 2025-06-09 at 15:18 By Zeljka Zorz With an exploit for a critical Roundcube vulnerability (CVE-2025-49113) being offered for sale on underground forums and a PoC exploit having been made public, attacks exploiting the flaw are incoming and possibly already happening. According to the Shadowserver Foundation, there

React to this headline:

Loading spinner

Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113) Read More »

HPE Patches Critical Vulnerability in StoreOnce

HPE Patches Critical Vulnerability in StoreOnce 2025-06-06 at 12:12 By Ionut Arghire An HPE StoreOnce vulnerability allows attackers to bypass authentication, potentially leading to remote code execution. The post HPE Patches Critical Vulnerability in StoreOnce appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

HPE Patches Critical Vulnerability in StoreOnce Read More »

Over 30 Vulnerabilities Patched in Android

Over 30 Vulnerabilities Patched in Android 2025-06-03 at 15:03 By Eduard Kovacs The latest Android updates fix vulnerabilities in Runtime, Framework, System, and third-party components of the mobile OS. The post Over 30 Vulnerabilities Patched in Android appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Over 30 Vulnerabilities Patched in Android Read More »

Technical Details Published for Critical Cisco IOS XE Vulnerability

Technical Details Published for Critical Cisco IOS XE Vulnerability 2025-06-02 at 13:00 By Ionut Arghire The critical flaw, tracked as CVE-2025-20188 (CVSS score of 10/10), allows attackers to execute arbitrary code remotely. The post Technical Details Published for Critical Cisco IOS XE Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Technical Details Published for Critical Cisco IOS XE Vulnerability Read More »

The Week in Vulnerabilities: Firefox, Roundcube and ICS Flaws Flagged by Cyble

The Week in Vulnerabilities: Firefox, Roundcube and ICS Flaws Flagged by Cyble 2025-05-28 at 17:30 By daksh sharma Cyble vulnerability intelligence researchers investigated nearly 100 IT and industrial control system (ICS) vulnerabilities this week and flagged eight as meriting high-priority attention by security teams – including two targeted by Russian threat actors. In all, Cyble

React to this headline:

Loading spinner

The Week in Vulnerabilities: Firefox, Roundcube and ICS Flaws Flagged by Cyble Read More »

The Week in Vulnerabilities: IT, ICS Fixes Prioritized by Cyble

The Week in Vulnerabilities: IT, ICS Fixes Prioritized by Cyble 2025-05-28 at 17:30 By daksh sharma Cyble vulnerability researchers identified nine high-priority fixes for IT security teams and two vulnerable ICS products. This article is an excerpt from Cyble View Original Source React to this headline:

React to this headline:

Loading spinner

The Week in Vulnerabilities: IT, ICS Fixes Prioritized by Cyble Read More »

Latest Security Advisory Highlights Critical Vulnerabilities Impacting Ivanti, MDaemon, Zimbra, and More

Latest Security Advisory Highlights Critical Vulnerabilities Impacting Ivanti, MDaemon, Zimbra, and More 2025-05-28 at 17:30 By daksh sharma CISA’s latest advisory report reveals critical vulnerabilities in Ivanti, MDaemon, Zimbra, and more. Patches are available for flaws like CVE-2025-4427 in Ivanti EPMM. This article is an excerpt from Cyble View Original Source React to this headline:

React to this headline:

Loading spinner

Latest Security Advisory Highlights Critical Vulnerabilities Impacting Ivanti, MDaemon, Zimbra, and More Read More »

Attackers hit MSP, use its RMM software to deliver ransomware to clients

Attackers hit MSP, use its RMM software to deliver ransomware to clients 2025-05-28 at 14:36 By Zeljka Zorz A threat actor wielding the DragonForce ransomware has compromised an unnamed managed service provider (MSP) and pushed the malware onto its client organizations via SimpleHelp, a legitimate remote monitoring and management (RMM) tool. “Sophos MDR has medium

React to this headline:

Loading spinner

Attackers hit MSP, use its RMM software to deliver ransomware to clients Read More »

Vulnerabilities found in NASA’s open source software

Vulnerabilities found in NASA’s open source software 2025-05-27 at 15:48 By Zeljka Zorz Vulnerabilities in open source software developed and used in-house by NASA could be exploited to breach their systems, claims Leon Juranić, security researcher and founder of cybersecurity startup ThreatLeap. The vulnerabilities Juranić, whose AppSec credentials include founding and leading DefenseCode, is no

React to this headline:

Loading spinner

Vulnerabilities found in NASA’s open source software Read More »

Companies Warned of Commvault Vulnerability Exploitation

Companies Warned of Commvault Vulnerability Exploitation 2025-05-23 at 13:48 By Ionut Arghire CISA warns companies of a widespread campaign targeting a Commvault vulnerability to hack Azure environments. The post Companies Warned of Commvault Vulnerability Exploitation appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Companies Warned of Commvault Vulnerability Exploitation Read More »

Unpatched Windows Server vulnerability allows full domain compromise

Unpatched Windows Server vulnerability allows full domain compromise 2025-05-22 at 18:45 By Zeljka Zorz A privilege escalation vulnerability in Windows Server 2025 can be used by attackers to compromise any user in Active Directory (AD), including Domain Admins. “The [“BadSuccessor”] attack exploits the delegated Managed Service Account (dMSA) feature that was introduced in Windows Server

React to this headline:

Loading spinner

Unpatched Windows Server vulnerability allows full domain compromise Read More »

GitLab, Atlassian Patch High-Severity Vulnerabilities

GitLab, Atlassian Patch High-Severity Vulnerabilities 2025-05-22 at 08:18 By Ionut Arghire GitLab and Atlassian have released patches for over a dozen vulnerabilities in their products, including high-severity bugs. The post GitLab, Atlassian Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

GitLab, Atlassian Patch High-Severity Vulnerabilities Read More »

Scroll to Top