vulnerability

Critical Flaw Allows Remote Hacking of AutomationDirect Industrial Gateway

ICS, ICS/OT, SCADA, vulnerability /

Critical Flaw Allows Remote Hacking of AutomationDirect Industrial Gateway 2025-05-21 at 18:49 By Eduard Kovacs More than 100 AutomationDirect MB-Gateway devices may be vulnerable to attacks from the internet due to CVE-2025-36535. The post Critical Flaw Allows Remote Hacking of AutomationDirect Industrial Gateway appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View […]

React to this headline:

Loading spinner

Critical Flaw Allows Remote Hacking of AutomationDirect Industrial Gateway Read More »

Wiz Warns of Ongoing Exploitation of Recent Ivanti Vulnerabilities

exploited, Ivanti, Vulnerabilities, vulnerability /

Wiz Warns of Ongoing Exploitation of Recent Ivanti Vulnerabilities 2025-05-21 at 12:49 By Ionut Arghire Wiz warns that threat actors are chaining two recent Ivanti vulnerabilities to achieve unauthenticated remote code execution. The post Wiz Warns of Ongoing Exploitation of Recent Ivanti Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Wiz Warns of Ongoing Exploitation of Recent Ivanti Vulnerabilities Read More »

Critical OpenPGP.js Vulnerability Allows Spoofing

email security, Encryption, OpenPGP, Vulnerabilities, vulnerability /

Critical OpenPGP.js Vulnerability Allows Spoofing 2025-05-21 at 10:16 By Eduard Kovacs An OpenPGP.js vulnerability tracked as CVE-2025-47934 allows message signature verification to be spoofed.  The post Critical OpenPGP.js Vulnerability Allows Spoofing appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Critical OpenPGP.js Vulnerability Allows Spoofing Read More »

Vulnerability Exploitation Probability Metric Proposed by NIST, CISA Researchers 

CISA, LEV, NIST, prioritization, Vulnerabilities, vulnerability /

Vulnerability Exploitation Probability Metric Proposed by NIST, CISA Researchers  2025-05-20 at 15:39 By Eduard Kovacs The Likely Exploited Vulnerabilities (LEV) equations can help augment KEV- and EPSS-based remediation prioritization.  The post Vulnerability Exploitation Probability Metric Proposed by NIST, CISA Researchers  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Vulnerability Exploitation Probability Metric Proposed by NIST, CISA Researchers  Read More »

O2 Service Vulnerability Exposed User Location

location tracking, Mobile & Wireless, O2, vulnerability /

O2 Service Vulnerability Exposed User Location 2025-05-20 at 13:20 By Ionut Arghire A vulnerability in O2’s implementation of the IMS standard resulted in user location data being exposed in network responses. The post O2 Service Vulnerability Exposed User Location appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

O2 Service Vulnerability Exposed User Location Read More »

Hackers Earn Over $1 Million at Pwn2Own Berlin 2025

competition, exploit, Featured, Pwn2OPwn, Pwn2Own 2025, Vulnerabilities, vulnerability /

Hackers Earn Over $1 Million at Pwn2Own Berlin 2025 2025-05-19 at 12:02 By Eduard Kovacs Pwn2Own participants demonstrated exploits against VMs, AI, browsers, servers, containers, and operating systems. The post Hackers Earn Over $1 Million at Pwn2Own Berlin 2025 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Hackers Earn Over $1 Million at Pwn2Own Berlin 2025 Read More »

CISA: Recently fixed Chrome vulnerability exploited in the wild (CVE-2025-4664)

Chrome, CISA, Don't miss, Google, Hot stuff, Microsoft Edge, News, security update, vulnerability, vulnerability disclosure /

CISA: Recently fixed Chrome vulnerability exploited in the wild (CVE-2025-4664) 2025-05-16 at 13:47 By Zeljka Zorz A high-severity Chrome vulnerability (CVE-2025-4664) that Google has fixed on Wednesday is being leveraged by attackers, CISA has confirmed by adding the flaw to its Known Exploited Vulnerabilities catalog. About CVE-2025-4664 CVE-2025-4664 stems from insufficient policy enforcement in Google

React to this headline:

Loading spinner

CISA: Recently fixed Chrome vulnerability exploited in the wild (CVE-2025-4664) Read More »

Samsung patches MagicINFO 9 Server vulnerability exploited by attackers

Don't miss, Hot stuff, Huntress, News, PoC, Samsung, SANS ISC, vulnerability /

Samsung patches MagicINFO 9 Server vulnerability exploited by attackers 2025-05-15 at 14:18 By Zeljka Zorz Companies running Samsung MagicINFO, a platform for managing content on Samsung commercial digital displays, should upgrade to the latest available version of its v9 branch to fix a vulnerability that’s reportedly being exploited by attackers. If this advice sounds familiar,

React to this headline:

Loading spinner

Samsung patches MagicINFO 9 Server vulnerability exploited by attackers Read More »

Chrome 136 Update Patches Vulnerability With ‘Exploit in the Wild’

Chrome, exploited, PoC, Vulnerabilities, vulnerability /

Chrome 136 Update Patches Vulnerability With ‘Exploit in the Wild’ 2025-05-15 at 11:33 By Ionut Arghire Google has rolled out a Chrome 136 update that resolves a high-severity vulnerability for which a public exploit exists. The post Chrome 136 Update Patches Vulnerability With ‘Exploit in the Wild’ appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Chrome 136 Update Patches Vulnerability With ‘Exploit in the Wild’ Read More »

Vulnerabilities Patched by Juniper, VMware and Zoom 

Juniper, Patch Tuesday, VMWare, Vulnerabilities, vulnerability, Zoom /

Vulnerabilities Patched by Juniper, VMware and Zoom  2025-05-14 at 13:46 By Ionut Arghire Juniper Networks, VMware, and Zoom have announced patches for dozens of vulnerabilities across their products. The post Vulnerabilities Patched by Juniper, VMware and Zoom  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Vulnerabilities Patched by Juniper, VMware and Zoom  Read More »

Ivanti Patches Two EPMM Zero-Days Exploited to Hack Customers

exploited, Featured, Ivanti, Vulnerabilities, vulnerability, Zero-Day /

Ivanti Patches Two EPMM Zero-Days Exploited to Hack Customers 2025-05-14 at 11:01 By Ionut Arghire Ivanti has released patches for two EPMM vulnerabilities that have been chained in the wild for remote code execution. The post Ivanti Patches Two EPMM Zero-Days Exploited to Hack Customers appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Ivanti Patches Two EPMM Zero-Days Exploited to Hack Customers Read More »

Ivanti EPMM vulnerabilities exploited in the wild (CVE-2025-4427, CVE-2025-4428)

CERT-EU, Don't miss, Endpoint Security, Hot stuff, Ivanti, News, security update, vulnerability /

Ivanti EPMM vulnerabilities exploited in the wild (CVE-2025-4427, CVE-2025-4428) 2025-05-13 at 20:31 By Zeljka Zorz Attackers have exploited vulnerabilities in open-source libraries to compromise on-prem Ivanti Endpoint Manager Mobile (EPMM) instances of a “very limited” number of customers, Ivanti has confirmed on Tuesday, and urged customers to install a patch as soon as possible. “The

React to this headline:

Loading spinner

Ivanti EPMM vulnerabilities exploited in the wild (CVE-2025-4427, CVE-2025-4428) Read More »

SAP Patches Another Critical NetWeaver Vulnerability

SAP, Vulnerabilities, vulnerability /

SAP Patches Another Critical NetWeaver Vulnerability 2025-05-13 at 16:01 By Ionut Arghire SAP has released 16 new security notes on its May 2025 Security Patch Day, including a note dealing with another critical NetWeaver vulnerability. The post SAP Patches Another Critical NetWeaver Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

SAP Patches Another Critical NetWeaver Vulnerability Read More »

Asus DriverHub Vulnerabilities Expose Users to Remote Code Execution Attacks

Asus, Vulnerabilities, vulnerability /

Asus DriverHub Vulnerabilities Expose Users to Remote Code Execution Attacks 2025-05-12 at 14:30 By Ionut Arghire Two vulnerabilities in ASUS’s pre-installed software DriverHub can be exploited for remote code execution. The post Asus DriverHub Vulnerabilities Expose Users to Remote Code Execution Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Asus DriverHub Vulnerabilities Expose Users to Remote Code Execution Attacks Read More »

Possible Zero-Day Patched in SonicWall SMA Appliances

exploited, Featured, SMA, SonicWall, Vulnerabilities, vulnerability, Zero-Day /

Possible Zero-Day Patched in SonicWall SMA Appliances 2025-05-08 at 16:11 By Ionut Arghire SonicWall patches three SMA 100 vulnerabilities, including a potential zero-day, that could be chained to execute arbitrary code remotely. The post Possible Zero-Day Patched in SonicWall SMA Appliances appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Possible Zero-Day Patched in SonicWall SMA Appliances Read More »

Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819)

Don't miss, Hot stuff, News, Rapid7, security update, SMBs, SonicWall, VPN, vulnerability /

Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819) 2025-05-08 at 15:38 By Zeljka Zorz SonicWall has fixed multiple vulnerabilities affecting its SMA100 Series devices, one of which (CVE-2025-32819) appears to be a patch bypass for an arbitrary file delete vulnerability that was exploited in zero-day attacks in early 2021, and may have also

React to this headline:

Loading spinner

Yet another SonicWall SMA100 vulnerability exploited in the wild (CVE-2025-32819) Read More »

Dozens of SysAid Instances Vulnerable to Remote Hacking

PoC, SysAid, Vulnerabilities, vulnerability /

Dozens of SysAid Instances Vulnerable to Remote Hacking 2025-05-08 at 12:46 By Eduard Kovacs SysAid patches IT service management software vulnerabilities that can be chained for unauthenticated remote command execution.  The post Dozens of SysAid Instances Vulnerable to Remote Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Dozens of SysAid Instances Vulnerable to Remote Hacking Read More »

PoC exploit for SysAid pre-auth RCE released, upgrade quickly!

Don't miss, enterprise, Hot stuff, ITSM, News, PoC, SMBs, SysAid, vulnerability, WatchTowr /

PoC exploit for SysAid pre-auth RCE released, upgrade quickly! 2025-05-07 at 15:45 By Zeljka Zorz WatchTowr researchers have released a proof-of-concept (PoC) exploit that chains two vulnerabilities in SysAid On-Prem – the self-hosted version of the platform behind SysAid’s popular IT service management and IT helpdesk solutions – to achieve unauthenticated remote code execution on

React to this headline:

Loading spinner

PoC exploit for SysAid pre-auth RCE released, upgrade quickly! Read More »

Actively exploited FreeType flaw fixed in Android (CVE-2025-27363)

Android, Don't miss, Google, Hot stuff, News, security update, vulnerability /

Actively exploited FreeType flaw fixed in Android (CVE-2025-27363) 2025-05-07 at 13:03 By Zeljka Zorz Google has released fixes for a bucketload of Android security vulnerabilities, including a FreeType flaw (CVE-2025-27363) that “may be under limited, targeted exploitation.” About CVE-2025-27363 CVE-2025-27363 is an out of bounds write vulnerability in FreeType, an open-source software library that renders

React to this headline:

Loading spinner

Actively exploited FreeType flaw fixed in Android (CVE-2025-27363) Read More »

Scroll to Top