Topic: security advisory

  • Critical WordPress AI Plugin Vulnerability Impacts 100K+ Sites

    A critical security flaw in the AI Engine WordPress plugin (scoring 8.8/10) exposes over 100,000 websites, allowing attackers with subscriber accounts to upload harmful files via the REST API. This is the fourth major vulnerability in July 2025, following a trend of similar high-severity flaws, i...

  • Active Exploit Targets Suspected FortiWeb Zero-Day

    A critical zero-day vulnerability (CVE-2025-64446) in Fortinet's FortiWeb is being actively exploited, allowing unauthenticated attackers to create unauthorized admin accounts and gain full administrative access. Fortinet silently patched the flaw in multiple versions, including 8.0.2, but delaye...

  • Fortra GoAnywhere Zero-Day Exploited: Critical Flaw CVE-2025-10035

    A critical vulnerability (CVE-2025-10035) in Fortra's GoAnywhere platform, scoring 10.0 in severity, was exploited in zero-day attacks due to a deserialization flaw, with patches released on September 15, 2025. Evidence shows exploitation began as early as September 10, 2025, giving attackers an ...

  • Fortinet Patches Actively Exploited FortiWeb Zero-Day

    Fortinet has patched a critical zero-day vulnerability (CVE-2025-64446) in its FortiWeb firewall, which is being actively exploited to create unauthorized admin accounts via unauthenticated HTTP requests. The flaw affects FortiWeb versions 8.0.1 and earlier, with a fix available in version 8.0.2,...

  • Urgent: Hackers Exploit Unpatched Oracle EBS Vulnerabilities

    Oracle has confirmed active exploitation of unpatched vulnerabilities in its E-Business Suite, with hackers sending extortion emails claiming to have stolen sensitive corporate data. The vulnerabilities were resolved in the July 2025 Critical Patch Update, which addressed nine EBS flaws, includin...

  • SonicWall SMA100 Update Eradicates Rootkit Malware

    SonicWall has released a critical firmware update for its SMA 100 series appliances that can eradicate the OVERSTEP rootkit malware, which enables persistent unauthorized access and data theft. The update is urgent due to active attacks by threat actor UNC6148, who uses the rootkit to steal sensi...

  • Salesforce Users at Risk From Gainsight Supply Chain Attack

    A cybersecurity incident involving Gainsight's Salesforce connector potentially exposed customer data, prompting Salesforce to revoke access and remove Gainsight apps from AppExchange due to unusual activity. The attack, claimed by the Scattered Spider-ShinyHunters-Lapsus$ group, may lead to a de...

  • Critical SonicWall SonicOS Flaw Lets Hackers Crash Firewalls

    SonicWall has issued an urgent warning about a high-severity security flaw (CVE-2025-40601) in its SonicOS SSLVPN service, which could allow attackers to crash affected firewalls via a denial-of-service attack, impacting Gen7 and Gen8 hardware and virtual firewalls. The company states there is no...

  • Dozens of organizations hit in Oracle-linked data breach

    A major data breach affecting multiple organizations has been linked to security vulnerabilities in Oracle's E-Business Suite, exploited by the Russia-linked Clop ransomware gang to steal sensitive corporate data. Oracle confirmed that hackers are using a zero-day vulnerability, which can be expl...

  • Hackers Extort 39 Victims With New Data Leak Site

    A new cybercriminal group, Scattered Lapsus$ Hunters, is extorting nearly 40 major corporations by threatening to leak stolen data from Salesforce databases obtained through social engineering. The stolen data includes personal and contact details, sensitive information like Social Security numbe...

  • SonicWall SMA 100 Series Now Fights Rootkits

    SonicWall has released a critical firmware update for its SMA 100 series to scan for and remove the OVERSTEP rootkit, patching vulnerabilities like CVE-2024-38475 in response to a sophisticated attack by threat group UNC6148. The attack involved using stolen credentials to gain unauthorized acces...

  • D-Link DIR-878 routers have critical RCE flaws

    D-Link has issued a critical alert for its unsupported DIR-878 router, revealing three severe vulnerabilities that allow unauthenticated remote command execution, with exploit code already public. The router, discontinued in 2021 but still sold, will not receive patches, and D-Link advises users ...

  • Microsoft Exchange Vulnerability Threatens Hybrid Cloud Security

    A critical Microsoft Exchange vulnerability (CVE-2025-53786, CVSS 8.0) threatens hybrid cloud environments, enabling privilege escalation across on-premises and cloud systems with minimal detection. Microsoft urges immediate action, including applying April 2025 updates and reconfiguring authenti...

  • Leaked Oracle EBS Exploit Fuels New Attack Wave (CVE-2025-61882)

    A critical vulnerability chain in Oracle's E-Business Suite (CVE-2025-61882) is being actively exploited following the public leak of functional exploit scripts, enabling complete system compromise. The attack uses obfuscated HTTP requests to perform server-side request forgery, tricking the serv...

  • GlobalLogic Hit by Cl0p Ransomware Following Oracle EBS Breach

    GlobalLogic, a Hitachi-owned software firm, notified 10,471 current and former employees that their personal and financial data was stolen due to a breach in its Oracle E-Business Suite platform. The breach exploited a zero-day vulnerability in Oracle's system, leading to data exfiltration on Oct...

  • Pentiment, Other Games Pulled From Steam Amid Unity Security Flaw

    A security flaw in Unity game engine versions from 2017.1 onward has led to the temporary removal of several popular games from Steam, affecting multiple platforms but with no current evidence of exploitation. The vulnerability, reported responsibly by a researcher, could allow unsafe file loadin...

  • Critical DrayTek Router Flaw Allows Remote Code Execution

    A critical vulnerability (CVE-2025-10547) in DrayTek routers allows unauthenticated remote attackers to execute commands via crafted HTTP/HTTPS requests, potentially leading to system crashes or code execution. DrayTek has released firmware updates for 35 router models and advises immediate insta...

  • Princeton University Data Breach Exposes Donor, Alumni Info

    A sophisticated phishing attack on a Princeton University employee on November 10th led to a data breach, exposing personal information of alumni, donors, students, faculty, and related individuals. The compromised database did not contain highly sensitive data like Social Security numbers, finan...

  • Cl0p Gang Hits Oracle in Major Data Theft Campaign

    The Cl0p ransomware gang exploited a zero-day vulnerability (CVE-2025-61882) in Oracle E-Business Suite to exfiltrate data and send extortion emails to victims in August 2025. Oracle issued a security advisory for the vulnerability, which allows unauthenticated remote attackers to execute code vi...

  • Millions of Cisco Devices Hit by Active 0-Day Attack

    A critical vulnerability (CVE-2025-20352) affects approximately two million Cisco devices, allowing attackers to crash systems or execute malicious code with the highest privileges. The flaw is a stack overflow bug in the SNMP processing component and is being actively exploited, prompting Cisco ...

  • Cisco Patches Critical Zero-Day Flaw Actively Under Attack

    Cisco has released critical security patches for 14 vulnerabilities in its IOS and IOS XE software, including a high-severity flaw (CVE-2025-20352) that has been actively exploited as a zero-day. The vulnerability is a stack overflow in the SNMP subsystem, affecting a wide range of devices, and c...
