watchTowr Labs

Fortinet Patches Actively Exploited FortiWeb Zero-Day

November 16, 2025

Fortinet has patched a critical zero-day vulnerability (CVE-2025-64446) in its FortiWeb firewall, which is being actively exploited to create unauthorized…

BigTech Companies

Oracle Issues Urgent Patch for Critical E-Business Suite Flaw

October 14, 2025

Oracle has released an urgent security patch for a critical vulnerability (CVE-2025-61884) in its E-Business Suite, which can be exploited…

BigTech Companies

Microsoft GoAnywhere Flaw Fuels Ransomware Attacks

October 14, 2025

Close-up portrait of Medusa with vibrant green snakes for hair, intense green eyes, and a stylized, textured face.

A critical vulnerability (CVE-2025-10035) in Fortra's GoAnywhere MFT platform is being exploited by ransomware attackers, allowing remote access without user…

BigTech Companies

Clop Hackers Stole Data Using Oracle Zero-Day Since August

October 9, 2025

The Clop ransomware group exploited a critical zero-day vulnerability (CVE-2025-61882) in Oracle's E-Business Suite, enabling remote code execution and leading…

Cybersecurity

Critical Security Flaw in Commvault Backup Suite Allows Remote Code Execution

August 21, 2025

A critical security vulnerability in on-premises Commvault deployments allows unauthenticated attackers to execute remote code by chaining four distinct flaws…

Cybersecurity

CISA Alerts: Hackers Exploiting SysAid Flaws in Active Attacks

July 24, 2025

A hooded figure holds a red cube with 'sysaid' on it, surrounded by a dramatic explosion of shattered glass in shades of red and black.

Federal cybersecurity officials warn of active attacks exploiting unpatched SysAid IT systems, risking unauthorized access to sensitive data and administrative…