Topic: active exploitation

  • Microsoft Silent as Hackers Exploit WSUS Server Bug

    A critical Windows Server Update Services (WSUS) vulnerability (CVE-2025-59287) is being actively exploited, allowing attackers to execute arbitrary code and take full control of affected systems. Microsoft issued an emergency patch after an initial fix failed, but security researchers have alrea...

  • Urgent Windows SMB Flaw Actively Exploited, CISA Warns

    A critical Windows SMB vulnerability (CVE-2025-33073) is being actively exploited, allowing attackers to gain full SYSTEM-level control over unpatched systems. The flaw affects a wide range of Microsoft operating systems, including Windows Server, Windows 10, and Windows 11 up to version 24H2, an...

  • Urgent: 50,000 Cisco Firewalls at Risk From Active Attacks

    Attackers are actively exploiting critical vulnerabilities CVE-2025-20333 and CVE-2025-20362 in around 50,000 Cisco ASA and FTD devices, enabling unauthorized remote code execution and access without authentication. Over 48,800 internet-facing devices remain unpatched, primarily in the U.S., with...

  • SAP S/4HANA Vulnerability Actively Exploited in Attacks

    A critical vulnerability (CVE-2025-42957) in SAP S/4HANA allows attackers to execute unauthorized code and gain administrative control. Despite a patch being available since August 2025, many systems remain unpatched, leading to active exploitation in the wild. Successful attacks can result in se...

  • Patch Alert: CitrixBleed 2 Still a Threat (CVE-2025-5777)

    A critical vulnerability (CVE-2025-5777) in Citrix NetScaler systems is being exploited, enabling session hijacking and unauthorized access despite Citrix's denial of confirmed attacks. The flaw allows attackers to extract session tokens via manipulated login requests, potentially compromising ad...

  • Roundcube RCE Flaw (CVE-2025-49113) Sparks Dark Web Attack Fears

    A critical vulnerability (CVE-2025-49113) in Roundcube webmail allows attackers to execute malicious code, putting thousands of unpatched servers at risk, with exploit code already circulating. Around 84,000 exposed Roundcube installations, primarily in Europe, Asia, and North America, include hi...

  • Cisco ASA Firewalls Under Active Attack from Zero-Day Exploits

    Cisco has issued an urgent alert to patch two actively exploited zero-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362) affecting its ASA and FTD software. The company, aided by international cybersecurity agencies, also addressed a third critical flaw (CVE-2025-20363) but has not linked it...

  • Urgent Microsoft WSUS Flaw Actively Exploited After Patch

    A severe security vulnerability (CVE-2025-59287) in Microsoft's WSUS allows unauthenticated remote code execution with SYSTEM privileges, prompting an urgent out-of-band patch due to incomplete initial fixes. The flaw arises from unsafe deserialization via BinaryFormatter in the `GetCookie()` end...

  • CISA Warns of Active Dassault RCE Exploit—Patch Now

    A critical remote code execution vulnerability (CVE-2025-5086) is being actively exploited in Dassault Systèmes' DELMIA Apriso software, affecting versions from 2020 to 2025. The flaw, caused by unsafe deserialization, allows attackers to execute arbitrary code via malicious SOAP requests, with e...

  • SAP Issues Critical Security Alert for Multiple Products

    SAP has issued a critical security alert for multiple vulnerabilities, including one with the highest severity score, as threat actors actively exploit a separate high-severity flaw. The most severe vulnerability, CVE-2025-42944 with a CVSS score of 10.0, affects the NetWeaver platform and allows...

  • Active Attacks Exploit Critical WSUS Flaw in Windows Server

    An actively exploited critical vulnerability (CVE-2025-59287) in Windows Server Update Services (WSUS) allows remote code execution and system takeover, requiring immediate emergency patching. Microsoft has released out-of-band security updates for all affected Windows Server versions and recommend...

  • Oracle Quietly Patches Critical Zero-Day Exposed by Hackers

    Oracle urgently patched a critical pre-authentication SSRF vulnerability (CVE-2025-61884) in its E-Business Suite after the ShinyHunters group leaked a working exploit, enabling unauthorized access without login credentials. Two separate threat actors, Clop and ShinyHunters, exploited distinct Or...

  • Active Exploits Target Trend Micro Apex One Flaws (CVE-2025-54948, CVE-2025-54987)

    Security teams are on alert as attackers exploit unpatched vulnerabilities (CVE-2025-54948 and CVE-2025-54987) in Trend Micro's Apex One, risking remote code execution until a mid-August 2025 patch. Trend Micro released an interim mitigation tool for on-premise versions, disabling the vulnerable Rem...

  • Cisco ISE critical flaws actively exploited by hackers

    Cisco has warned of active exploitation targeting critical vulnerabilities in its Identity Services Engine (ISE) and Passive Identity Connector (ISE-PIC), confirming real-world attacks. Three flaws (CVE-2025-20281, CVE-2025-20337, CVE-2025-20282) allow remote root-level access, arbitrary code exe...

  • 1,200+ Citrix servers vulnerable to critical auth bypass flaw

    Over 1,200 Citrix NetScaler systems remain vulnerable to CVE-2025-5777, a severe authentication bypass flaw enabling session hijacking and MFA bypass, with potential active exploitation despite Citrix's denial. The flaw, dubbed "Citrix Bleed 2," allows attackers to steal session tokens and creden...

  • Urgent Oracle EBS Vulnerability Alert (CVE-2025-61884)

    A critical security flaw, CVE-2025-61884, has been identified in Oracle's E-Business Suite, affecting versions 12.2.3 to 12.2.14 and potentially earlier versions like 12.1.3, allowing unauthenticated attackers to exploit it via HTTP. Exploitation of this vulnerability could result in unauthorized...

  • Critical Server Vulnerability Actively Exploited - Patch Now!

    A critical 10/10 severity vulnerability in AMI MegaRAC firmware (CVE-2024-54085) allows attackers to bypass authentication and gain full server control via BMCs, putting thousands of systems at risk. Exploits are now active in the wild, enabling attackers to pivot across networks, comprom...

  • CitrixBleed 2 Vulnerability Actively Exploited

    A critical vulnerability in Citrix NetScaler systems (CVE-2025-5777, CVSS 9.3), dubbed CitrixBleed 2, allows attackers to bypass authentication and compromise user sessions, similar to the 2023 CitrixBleed exploit. Attackers are actively exploiting the flaw, using tactics like MFA bypass, session...
