Topic: remote exploitation

Sort by: Relevance | Date
  • Unpatched Fortra GoAnywhere Flaw Risks Full System Takeover
    September 25, 2025
    90%

    Unpatched Fortra GoAnywhere Flaw Risks Full System Takeover

    A critical vulnerability (CVE-2025-10035) in Fortra's GoAnywhere MFT platform allows full system takeover via a deserialization flaw in the License servlet, requiring immediate patching. Exploitation necessitates access to the admin console, echoing a 2023 incident where exposed consoles led to w...

    Read More »
  • Urgent WD My Cloud Flaw Enables Remote Hacks
    October 1, 2025
    85%

    Urgent WD My Cloud Flaw Enables Remote Hacks

    Western Digital released an urgent firmware update (version 5.31.108) to fix a critical security flaw (CVE-2025-30247) in multiple My Cloud NAS devices, which allows remote command execution via crafted HTTP requests. The update applies to several models, but end-of-support devices like the My Cl...

    Read More »
  • Cisco Warns: Patch This Critical RCE & DoS Bug Now
    September 27, 2025
    85%

    Cisco Warns: Patch This Critical RCE & DoS Bug Now

    A critical vulnerability (CVE-2025-20352) in Cisco's IOS and IOS XE Software allows remote attackers to execute arbitrary code or cause a denial-of-service if they have compromised credentials. The flaw exists in the SNMP subsystem and can be triggered by sending a crafted packet, with exploitati...

    Read More »
  • Fortra Issues Critical Alert for GoAnywhere MFT Vulnerability
    September 20, 2025
    85%

    Fortra Issues Critical Alert for GoAnywhere MFT Vulnerability

    Fortra has issued an urgent alert for a critical vulnerability (CVE-2025-10035) in GoAnywhere MFT software, allowing remote command injection due to unsafe data deserialization. The vulnerability can be exploited without user interaction, particularly affecting internet-exposed Admin Consoles, an...

    Read More »
  • Oracle Warns Known Flaws Fueling Recent Ransomware Attacks
    October 4, 2025
    82%

    Oracle Warns Known Flaws Fueling Recent Ransomware Attacks

    Oracle is warning that known vulnerabilities in its E-Business Suite are being exploited in ransomware attacks, with customers receiving extortion emails linked to patched security flaws. The Cl0p ransomware group, possibly connected to FIN11, is suspected of sending these emails from compromised...

    Read More »
  • Plex Data Breach: Users Urged to Change Passwords, Upgrade Servers
    September 11, 2025
    30%

    Plex Data Breach: Users Urged to Change Passwords, Upgrade Servers

    Plex has confirmed a security breach involving unauthorized access to customer emails, usernames, and securely hashed passwords, but no payment information was compromised. The company advises all users to reset their passwords, enable two-factor authentication, and log out from all devices to en...

    Read More »

Related Topics

cybersecurity threats (37) patch management (25) security vulnerability (12) command injection (4) cve-2025-10035 (3) admin console (2) data security (71) target audience (68)