vulnerability

Fortinet Patches Critical FortiSwitch Vulnerability

Fortinet, Vulnerabilities, vulnerability /

Fortinet Patches Critical FortiSwitch Vulnerability 2025-04-09 at 13:43 By Ionut Arghire Fortinet fixes a critical-severity bug in FortiSwitch that could allow an attacker to modify administrative passwords. The post Fortinet Patches Critical FortiSwitch Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Fortinet Patches Critical FortiSwitch Vulnerability Read More »

SAP Patches Critical Code Injection Vulnerabilities

patch, SAP, Vulnerabilities, vulnerability /

SAP Patches Critical Code Injection Vulnerabilities 2025-04-08 at 16:29 By Ionut Arghire SAP released 20 security notes on April 2025 patch day, including three addressing critical code injection and authentication bypass flaws. The post SAP Patches Critical Code Injection Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

SAP Patches Critical Code Injection Vulnerabilities Read More »

WhatsApp Vulnerability Could Facilitate Remote Code Execution

Meta, MIME, Vulnerabilities, vulnerability, WhatsApp /

WhatsApp Vulnerability Could Facilitate Remote Code Execution 2025-04-08 at 16:29 By Eduard Kovacs An update for the WhatsApp desktop app for Windows patches CVE-2025-30401, a spoofing vulnerability that could be used to trick users. The post WhatsApp Vulnerability Could Facilitate Remote Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

WhatsApp Vulnerability Could Facilitate Remote Code Execution Read More »

ESET Vulnerability Exploited for Stealthy Malware Execution

ESET, exploited, ToddyCat, Vulnerabilities, vulnerability /

ESET Vulnerability Exploited for Stealthy Malware Execution 2025-04-08 at 15:32 By Ionut Arghire A sophisticated APT tracked as ToddyCat has exploited an ESET DLL search order hijacking vulnerability for malware delivery. The post ESET Vulnerability Exploited for Stealthy Malware Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

ESET Vulnerability Exploited for Stealthy Malware Execution Read More »

Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk

exploited, Ivanti, Vulnerabilities, vulnerability /

Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk 2025-04-08 at 13:58 By Ionut Arghire More than 5,000 Ivanti Connect Secure appliances are vulnerable to attacks exploiting CVE-2025-22457, which has been used by Chinese hackers. The post Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk Read More »

WinRAR MotW bypass flaw fixed, update ASAP (CVE-2025-31334)

Don't miss, Hot stuff, News, vulnerability, Windows, WinRAR /

WinRAR MotW bypass flaw fixed, update ASAP (CVE-2025-31334) 2025-04-07 at 14:36 By Zeljka Zorz WinRAR users, upgrade your software as soon as possible: a vulnerability (CVE-2025-31334) that could allow attackers to bypass Windows’ Mark of the Web (MotW) security warning and execute arbitrary code on your machine has been fixed in version 7.11. About CVE-2025-31334

React to this headline:

Loading spinner

WinRAR MotW bypass flaw fixed, update ASAP (CVE-2025-31334) Read More »

Call Records of Millions Exposed by Verizon App Vulnerability

Application Security, call records, Featured, Mobile & Wireless, Verizon, vulnerability /

Call Records of Millions Exposed by Verizon App Vulnerability 2025-04-04 at 19:00 By Eduard Kovacs A patch has been released for a serious information disclosure vulnerability affecting a Verizon call filtering application. The post Call Records of Millions Exposed by Verizon App Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Call Records of Millions Exposed by Verizon App Vulnerability Read More »

Critical Apache Parquet Vulnerability Leads to Remote Code Execution

Apache Parquet, Vulnerabilities, vulnerability /

Critical Apache Parquet Vulnerability Leads to Remote Code Execution 2025-04-04 at 13:18 By Ionut Arghire A critical vulnerability in Apache Parquet can be exploited to execute arbitrary code remotely, leading to complete system compromise. The post Critical Apache Parquet Vulnerability Leads to Remote Code Execution appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Critical Apache Parquet Vulnerability Leads to Remote Code Execution Read More »

Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)

cyber espionage, Don't miss, Hot stuff, Ivanti, Mandiant, News, VPN, vulnerability /

Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457) 2025-04-03 at 21:01 By Zeljka Zorz A suspected Chinese APT group has exploited CVE-2025-22457 – a buffer overflow bug that was previously thought not to be exploitable – to compromise appliances running Ivanti Connect Secure (ICS) 22.7R2.5 or earlier or Pulse Connect Secure 9.1x. The vulnerability

React to this headline:

Loading spinner

Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457) Read More »

Halo ITSM Vulnerability Exposed Organizations to Remote Hacking

Halo, HaloITSM, SQL injection, Vulnerabilities, vulnerability /

Halo ITSM Vulnerability Exposed Organizations to Remote Hacking 2025-04-03 at 18:46 By Eduard Kovacs An unauthenticated SQL injection vulnerability in Halo ITSM could have been exploited to read, modify, or insert data. The post Halo ITSM Vulnerability Exposed Organizations to Remote Hacking appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Halo ITSM Vulnerability Exposed Organizations to Remote Hacking Read More »

Attackers are leveraging Cisco Smart Licensing Utility static admin credentials (CVE-2024-20439)

CISA, Cisco, Don't miss, expl, Hot stuff, News, SANS ISC, vulnerability /

Attackers are leveraging Cisco Smart Licensing Utility static admin credentials (CVE-2024-20439) 2025-04-03 at 16:15 By Zeljka Zorz CVE-2024-20439, a static credential vulnerability in the Cisco Smart Licensing Utility, is being exploited by attackers in the wild, CISA has confirmed on Monday by adding the flaw to its Known Exploited Vulnerabilities catalog. Cisco has followed up

React to this headline:

Loading spinner

Attackers are leveraging Cisco Smart Licensing Utility static admin credentials (CVE-2024-20439) Read More »

Vulnerabilities Expose Cisco Meraki and ECE Products to DoS Attacks

Cisco, patch, Vulnerabilities, vulnerability /

Vulnerabilities Expose Cisco Meraki and ECE Products to DoS Attacks 2025-04-03 at 13:06 By Ionut Arghire Cisco fixes two high-severity denial-of-service vulnerabilities in Meraki devices and Enterprise Chat and Email. The post Vulnerabilities Expose Cisco Meraki and ECE Products to DoS Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Vulnerabilities Expose Cisco Meraki and ECE Products to DoS Attacks Read More »

Chrome 135, Firefox 137 Patch High-Severity Vulnerabilities

Chrome, Firefox, Vulnerabilities, vulnerability /

Chrome 135, Firefox 137 Patch High-Severity Vulnerabilities 2025-04-02 at 12:05 By Ionut Arghire Chrome 135 and Firefox 137 were released on Tuesday with fixes for several high-severity memory safety vulnerabilities. The post Chrome 135, Firefox 137 Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Loading spinner

Chrome 135, Firefox 137 Patch High-Severity Vulnerabilities Read More »

Hackers Looking for Vulnerable Palo Alto Networks GlobalProtect Portals

Palo Alto Networks, scanning, Vulnerabilities, vulnerability /

Hackers Looking for Vulnerable Palo Alto Networks GlobalProtect Portals 2025-04-01 at 18:49 By Ionut Arghire GreyNoise warns of a coordinated effort probing the internet for potentially vulnerable Palo Alto Networks GlobalProtect instances. The post Hackers Looking for Vulnerable Palo Alto Networks GlobalProtect Portals appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Hackers Looking for Vulnerable Palo Alto Networks GlobalProtect Portals Read More »

Critical Vulnerability Found in Canon Printer Drivers

Canon, printer, Vulnerabilities, vulnerability /

Critical Vulnerability Found in Canon Printer Drivers 2025-04-01 at 14:55 By Eduard Kovacs Microsoft’s offensive security team warned Canon about a critical code execution vulnerability in printer drivers.  The post Critical Vulnerability Found in Canon Printer Drivers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Critical Vulnerability Found in Canon Printer Drivers Read More »

CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability

CrushFTP, exploited, Vulnerabilities, vulnerability /

CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability 2025-04-01 at 14:21 By Eduard Kovacs Shadowserver has started seeing exploitation attempts aimed at a CrushFTP vulnerability tracked as CVE-2025-2825 and CVE-2025-31161. The post CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability Read More »

Critical Firefox, Tor Browser sandbox escape flaw fixed (CVE-2025-2857)

Chrome, Don't miss, Firefox, Hot stuff, Kaspersky, News, Opera, security update, Tor, vulnerability /

Critical Firefox, Tor Browser sandbox escape flaw fixed (CVE-2025-2857) 2025-03-28 at 12:57 By Zeljka Zorz Google’s fixing of CVE-2025-2783, a Chrome zero-day vulnerability exploited by state-sponsored attackers, has spurred Firefox developers to check whether the browser might have a similar flaw – and they found it. There’s currently no indication that the Firefox bug (CVE-2025-2857)

React to this headline:

Loading spinner

Critical Firefox, Tor Browser sandbox escape flaw fixed (CVE-2025-2857) Read More »

Splunk Patches Dozens of Vulnerabilities

patch, Splunk, Vulnerabilities, vulnerability /

Splunk Patches Dozens of Vulnerabilities 2025-03-27 at 20:03 By Ionut Arghire Splunk patches high-severity remote code execution and information disclosure flaws in Splunk Enterprise and Secure Gateway App. The post Splunk Patches Dozens of Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

Splunk Patches Dozens of Vulnerabilities Read More »

CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825)

CrushFTP, Don't miss, enterprise, file-sharing, Hot stuff, News, security update, SMBs, vulnerability /

CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) 2025-03-27 at 13:14 By Zeljka Zorz CrushFTP has fixed a critical vulnerability (CVE-2025-2825) in its enterprise file transfer solution that could be exploited by remote, unauthenticated attackers to access vulnerable internet-facing servers (and likely the data stored on them). Attackers, especially ransomware gangs, have a penchant for leveraging 0-day

React to this headline:

Loading spinner

CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) Read More »

More Solar System Vulnerabilities Expose Power Grids to Hacking 

energy, Featured, ICS, ICS/OT, solar, Vulnerabilities, vulnerability /

More Solar System Vulnerabilities Expose Power Grids to Hacking  2025-03-27 at 12:32 By Eduard Kovacs Forescout has found dozens of vulnerabilities in solar power systems from Sungrow, Growatt and SMA. The post More Solar System Vulnerabilities Expose Power Grids to Hacking  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

More Solar System Vulnerabilities Expose Power Grids to Hacking  Read More »

Scroll to Top