Topic: exploited vulnerabilities
-
Microsoft Fixes 59 Flaws, 6 Already Under Attack
Microsoft has patched 59 vulnerabilities, with six actively exploited flaws requiring urgent updates to prevent breaches. The exploited vulnerabilities include security bypasses and privilege escalations, which can allow attackers to disable security tools or compromise networks. Microsoft is als...
Read More » -
Firms Cut Ransom Costs Through Strategic Negotiations
Businesses are reducing ransomware costs through negotiation, with over half cutting median payments by 50% despite initial demands dropping only 33%. Larger enterprises face median ransom demands of $5 million, but 71% of reduced payments result from direct negotiations, highlighting the need fo...
Read More » -
CISA Alerts: Old GitLab Bug Actively Exploited in Attacks
A critical, years-old GitLab vulnerability (CVE-2021-39935) is now being actively exploited, prompting urgent warnings from U.S. cybersecurity authorities. CISA has mandated federal agencies to patch this flaw within three weeks and strongly recommends all organizations do the same, as it allows ...
Read More » -
IBM API Connect flaw exposes critical authentication bypass risk
A critical vulnerability (CVE-2025-13915) in IBM API Connect allows attackers to bypass authentication and gain unauthorized remote access, posing a high risk to sectors like finance and healthcare. IBM urges immediate patching to specific affected versions and advises disabling the Developer Por...
Read More »