vulnerability

TeamViewer Patches High-Severity Vulnerability in Windows Applications

2025-01-30 at 15:20 By Ionut Arghire

TeamViewer has released patches for a high-severity elevation of privilege vulnerability in its client and host applications for Windows. This article is an excerpt from SecurityWeek […]

ICS Vulnerability Report: Cyble Urges Critical mySCADA Fixes

2025-01-30 at 10:48 By daksh sharma

Overview: A pair of 9.8-severity flaws in mySCADA myPRO Manager SCADA systems were among the vulnerabilities highlighted in Cyble’s weekly Industrial Control System (ICS) Vulnerability Intelligence Report. Cyble Research & Intelligence Labs (CRIL) examined eight ICS vulnerabilities in the January 28

89% of AI-powered APIs rely on insecure authentication mechanisms

2025-01-30 at 06:33 By Help Net Security

APIs have emerged as the predominant attack surface over the past year, with AI being the biggest driver of API security risks, according to Wallarm. “Based on our findings, what is clear is that API security is no longer

Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891)

2025-01-29 at 18:32 By Zeljka Zorz

CVE-2024-40891, a command injection vulnerability in Zyxel CPE Series telecommunications devices that has yet to be fixed by the manufacturer, is being targeted by attackers, cybersecurity company GreyNoise has warned. Successful exploitation would allow attackers to execute

New ICS Vulnerabilities Discovered in Schneider Electric and B&R Automation Systems

2025-01-29 at 15:03 By daksh sharma

Overview: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued two urgent advisories regarding serious ICS vulnerabilities in industrial control systems (ICS) products. These ICS vulnerabilities, identified in Schneider Electric’s RemoteConnect and SCADAPack x70 Utilities, as well as

Critical Vulnerabilities in Node.js Expose Systems to Remote Attacks

2025-01-28 at 14:18 By daksh sharma

Overview: A series of critical security vulnerabilities have been discovered in multiple versions of Node.js, a popular open-source JavaScript runtime used to build scalable network applications. These vulnerabilities, outlined in CERT-In Vulnerability Note CIVN-2025-0011, have been classified as high severity,

phpMyAdmin 5.2.2 Addresses Critical XSS and Library Vulnerabilities

2025-01-28 at 11:48 By daksh sharma

Overview: phpMyAdmin, a popular web-based tool for managing MySQL and MariaDB databases, has recently released version 5.2.2, addressing multiple vulnerabilities that posed a medium severity risk. This widely-used tool is a basis for database administrators, offering strong features and ease of

LTE, 5G Vulnerabilities Could Cut Entire Cities From Cellular Connectivity

2025-01-27 at 18:36 By Ionut Arghire

Vulnerabilities in LTE/5G core infrastructure, some remotely exploitable, could lead to persistent denial-of-service to entire cities. This article is an excerpt from SecurityWeek

IT Vulnerability Report: 7-Zip, Windows and Fortinet Fixes Urged by Cyble

2025-01-27 at 17:20 By daksh sharma

Overview: Cyble’s vulnerability intelligence report to clients last week examined high-risk flaws in 7-Zip, Microsoft Windows, and Fortinet, among other products. It also examined dark web claims of a zero-day vulnerability in Apple iOS. In all, the report

5,000+ SonicWall firewalls still open to attack (CVE-2024-53704)

2025-01-27 at 17:20 By Zeljka Zorz

5,000+ SonicWall firewalls are still vulnerable to attack via a high-severity vulnerability (CVE-2024-53704) that, according to SonicWall, should be considered “at imminent risk of exploitation”. The warning came last week from Bishop Fox researchers, after they successfully exploited the vulnerability on

Git Vulnerabilities Led to Credentials Exposure

2025-01-27 at 14:49 By Ionut Arghire

Vulnerabilities in Git’s credential retrieval protocol could have allowed attackers to compromise user credentials. This article is an excerpt from SecurityWeek

Unlocking Vulnrichment: Enhancing CVE Data for Smarter Vulnerability Management 

2025-01-24 at 16:48 By Cyble

Overview: The Cybersecurity and Infrastructure Security Agency (CISA) has introduced Vulnrichment, an innovative initiative designed to enhance CVE data by adding crucial context, scoring, and detailed analysis. Launched on May 10, 2024, Vulnrichment aims to empower security professionals by providing more

Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw

2025-01-23 at 15:03 By Zeljka Zorz

Cisco has released patches for a critical privilege escalation vulnerability in Meeting Management (CVE-2025-20156) and a heap-based buffer overflow flaw (CVE-2025-20128) that, when triggered, could terminate the ClamAV scanning process on endpoints running a Cisco Secure Endpoint

Aircraft Collision Avoidance Systems Hit by High-Severity ICS Vulnerability 

2025-01-23 at 14:48 By Paul Shread

Overview: A pair of vulnerabilities in the Traffic Alert and Collision Avoidance System (TCAS) II for avoiding midair collisions were among 20 vulnerabilities reported by Cyble in its weekly Industrial Control System (ICS) Vulnerability Intelligence Report. The midair collision system

 JoCERT Issues Warning on Exploitable Command Injection Flaws in HPE Aruba Products

2025-01-21 at 15:32 By daksh sharma

Overview: JoCERT has issued an alert regarding critical command injection vulnerabilities discovered in HPE Aruba’s 501 Wireless Client Bridge. The vulnerabilities, tracked as CVE-2024-54006 and CVE-2024-54007, allow authenticated attackers with administrative privileges to execute arbitrary commands on

Critical Mozilla Vulnerabilities Prompt Urgent Updates for Firefox and Thunderbird Users

2025-01-21 at 11:33 By daksh sharma

Overview: Mozilla products, including the popular Mozilla Firefox and Thunderbird, have been found to contain multiple vulnerabilities that could allow attackers to execute arbitrary code, cause system instability, and even gain escalated privileges. The severity of these issues

Fortinet Zero-Day CVE-2024-55591 Exposed: Super-Admin Access Risk

2025-01-20 at 17:49 By daksh sharma

Overview: Fortinet, a global leader in cybersecurity solutions, recently released a critical advisory addressing a significant vulnerability (CVE-2024-55591) in its FortiOS and FortiProxy products. This flaw, which has a CVSSv3 score of 9.6, is categorized as a critical authentication bypass vulnerability and

Cyble Sensors Detect Attacks on Check Point, Ivanti and More

2025-01-20 at 17:01 By daksh sharma

Cyble honeypots have detected vulnerability exploits on Check Point and Ivanti products, databases, CMS systems, and many other IT products.

Overview: Cyble honeypot sensors have detected new attacks on vulnerabilities in Check Point and Ivanti products, among dozens of

Weekly IT Vulnerability Report: Critical Updates for SAP, Microsoft, Fortinet, and Others

2025-01-17 at 15:03 By daksh sharma

Key vulnerabilities in SAP, Microsoft, Fortinet, and others demand immediate attention as threat actors exploit critical flaws.

Overview: Cyble Research and Intelligence Labs (CRIL) analyzed significant IT vulnerabilities disclosed between January 8 and 14, 2025. The Cybersecurity

Critical SimpleHelp vulnerabilities fixed, update your server instances!

2025-01-16 at 17:04 By Zeljka Zorz

If you’re an organization using SimpleHelp for your remote IT support/access needs, you should update or patch your server installation without delay, to fix security vulnerabilities that may be exploited by remote attackers to execute code on the underlying host. About
