Topic: security advisory
Patch MongoDB Now: Critical Security Alert
A critical, high-severity vulnerability (CVE-2025-14847) in MongoDB allows unauthenticated attackers to remotely read uninitialized heap memory due to a flaw in the server's zlib compression implementation. The vulnerability impacts a wide range of MongoDB versions, from 3.6 through 8.2.2, and th...
Critical WordPress AI Plugin Vulnerability Impacts 100K+ Sites
A critical security flaw in the AI Engine WordPress plugin (scoring 8.8/10) exposes over 100,000 websites, allowing attackers with subscriber accounts to upload harmful files via the REST API. This is the fourth major vulnerability in July 2025, following a trend of similar high-severity flaws, i...
Cisco Flaw (CVE-2026-20045) Actively Exploited for RCE Attacks
A critical code injection vulnerability (CVE-2026-20045) in Cisco's unified communications products is being actively exploited, allowing attackers to execute malicious code and gain full system control. The flaw impacts several core enterprise collaboration platforms, including Cisco Unified Com...
Active Exploit Targets Suspected FortiWeb Zero-Day
A critical zero-day vulnerability (CVE-2025-64446) in Fortinet's FortiWeb is being actively exploited, allowing unauthenticated attackers to create unauthorized admin accounts and gain full administrative access. Fortinet silently patched the flaw in multiple versions, including 8.0.2, but delaye...
Fortra GoAnywhere Zero-Day Exploited: Critical Flaw CVE-2025-10035
A critical vulnerability (CVE-2025-10035) in Fortra's GoAnywhere platform, scoring 10.0 in severity, was exploited in zero-day attacks due to a deserialization flaw, with patches released on September 15, 2025. Evidence shows exploitation began as early as September 10, 2025, giving attackers an ...
Fortinet Patches Actively Exploited FortiWeb Zero-Day
Fortinet has patched a critical zero-day vulnerability (CVE-2025-64446) in its FortiWeb firewall, which is being actively exploited to create unauthorized admin accounts via unauthenticated HTTP requests. The flaw affects FortiWeb versions 8.0.1 and earlier, with a fix available in version 8.0.2,...
Fortinet Critical Auth Bypass Flaw Remains Unpatched
A critical Fortinet SSO vulnerability (CVE-2025-59718) is being actively exploited via a bypass of the initial patch, allowing attackers to create unauthorized VPN accounts and steal configurations on fully updated devices. Fortinet has confirmed the attacks and is developing a new patch, while u...
Urgent: Hackers Exploit Unpatched Oracle EBS Vulnerabilities
Oracle has confirmed active exploitation of unpatched vulnerabilities in its E-Business Suite, with hackers sending extortion emails claiming to have stolen sensitive corporate data. The vulnerabilities were resolved in the July 2025 Critical Patch Update, which addressed nine EBS flaws, includin...
SonicWall Zero-Day Exploit Patched (CVE-2025-40602)
SonicWall has released a critical update for a new, actively exploited local privilege escalation flaw (CVE-2025-40602) in its SMA 1000 series appliances, urging immediate patching. This vulnerability is especially dangerous when chained with a previously patched flaw (CVE-2025-23006), allowing a...
Microsoft patches critical Office zero-day under active attack
Microsoft has urgently patched a critical, actively exploited Office vulnerability (CVE-2026-21509) that bypasses security features, requiring immediate updates to prevent system compromise. The flaw allows attackers to bypass OLE mitigations by tricking users into opening a malicious file, with ...
SonicWall SMA100 Update Eradicates Rootkit Malware
SonicWall has released a critical firmware update for its SMA 100 series appliances that can eradicate the OVERSTEP rootkit malware, which enables persistent unauthorized access and data theft. The update is urgent due to active attacks by threat actor UNC6148, who uses the rootkit to steal sensi...
Salesforce Users at Risk From Gainsight Supply Chain Attack
A cybersecurity incident involving Gainsight's Salesforce connector potentially exposed customer data, prompting Salesforce to revoke access and remove Gainsight apps from AppExchange due to unusual activity. The attack, claimed by the Scattered Spider-ShinyHunters-Lapsus$ group, may lead to a de...
Critical SonicWall SonicOS Flaw Lets Hackers Crash Firewalls
SonicWall has issued an urgent warning about a high-severity security flaw (CVE-2025-40601) in its SonicOS SSLVPN service, which could allow attackers to crash affected firewalls via a denial-of-service attack, impacting Gen7 and Gen8 hardware and virtual firewalls. The company states there is no...
Dozens of organizations hit in Oracle-linked data breach
A major data breach affecting multiple organizations has been linked to security vulnerabilities in Oracle's E-Business Suite, exploited by the Russia-linked Clop ransomware gang to steal sensitive corporate data. Oracle confirmed that hackers are using a zero-day vulnerability, which can be expl...
Hackers Extort 39 Victims With New Data Leak Site
A new cybercriminal group, Scattered Lapsus$ Hunters, is extorting nearly 40 major corporations by threatening to leak stolen data from Salesforce databases obtained through social engineering. The stolen data includes personal and contact details, sensitive information like Social Security numbe...
SonicWall SMA 100 Series Now Fights Rootkits
SonicWall has released a critical firmware update for its SMA 100 series to scan for and remove the OVERSTEP rootkit, patching vulnerabilities like CVE-2024-38475 in response to a sophisticated attack by threat group UNC6148. The attack involved using stolen credentials to gain unauthorized acces...
Cisco Warns of Chinese Hackers Using New Zero-Day
Cisco warns of an active, state-sponsored hacking campaign exploiting a critical zero-day vulnerability in its security appliances, allowing complete device takeover with no patch currently available. The flaw targets specific Cisco AsyncOS products, but exploitation requires a non-default config...
eScan Server Breach Delivers Malicious Software Update
eScan antivirus software experienced a supply chain attack where a compromised regional update server distributed a malicious file to a limited number of customers during a specific window in January 2026. The malicious update delivered a tampered component that established persistence, executed ...
Patched FortiGate Firewalls Still Vulnerable to Hacks
A critical Fortinet firewall vulnerability (CVE-2025-59718) persists despite patches, allowing unauthorized admin access via the FortiCloud SSO feature even on the latest software versions. Fortinet is preparing new updates, but the immediate recommendation is to disable the "Allow administrative...
ownCloud Urges MFA Activation Following Credential Theft
ownCloud is urging all users to immediately enable multi-factor authentication (MFA) to block unauthorized access, even if login credentials are stolen. The company clarified its platform was not hacked; attackers instead used credentials stolen by malware from employee devices to access accounts...
D-Link DIR-878 routers have critical RCE flaws
D-Link has issued a critical alert for its unsupported DIR-878 router, revealing three severe vulnerabilities that allow unauthenticated remote command execution, with exploit code already public. The router, discontinued in 2021 but still sold, will not receive patches, and D-Link advises users ...
Microsoft Exchange Vulnerability Threatens Hybrid Cloud Security
A critical Microsoft Exchange vulnerability (CVE-2025-53786, CVSS 8.0) threatens hybrid cloud environments, enabling privilege escalation across on-premises and cloud systems with minimal detection. Microsoft urges immediate action, including applying April 2025 updates and reconfiguring authenti...
Leaked Oracle EBS Exploit Fuels New Attack Wave (CVE-2025-61882)
A critical vulnerability chain in Oracle's E-Business Suite (CVE-2025-61882) is being actively exploited following the public leak of functional exploit scripts, enabling complete system compromise. The attack uses obfuscated HTTP requests to perform server-side request forgery, tricking the serv...
CISA Warns: BeyondTrust RCE Flaw Actively Exploited by Ransomware
A critical, unauthenticated remote code execution flaw (CVE-2026-1731) in BeyondTrust's remote support software is being actively exploited by ransomware groups, prompting urgent federal warnings. The vulnerability was a zero-day threat exploited before public disclosure, and its inclusion in CIS...
Global Spam Wave Exploits Zendesk Ticket Systems
A global spam campaign exploits a default setting in Zendesk support software, allowing attackers to flood inboxes with fake ticket confirmation emails from legitimate company domains. The emails, sent from major organizations like Discord and Dropbox, contain alarming subject lines but no malici...
Palo Alto Firewall Flaw Lets Hackers Trigger DoS Attacks
A critical vulnerability (CVE-2026-0227) in Palo Alto firewalls could allow unauthenticated attackers to remotely disable them via a denial-of-service attack, forcing devices into an unprotected maintenance mode. Palo Alto Networks has issued patches for affected PAN-OS versions and Prisma Access...
Critical RCE Flaw in Trend Micro Apex Central: Patch Now
A critical vulnerability (CVE-2025-69258) in Trend Micro's Apex Central console allows unauthenticated attackers to remotely execute malicious code with the highest SYSTEM privileges. The flaw, discovered by Tenable, is exploited by sending a crafted message to a specific port, forcing the system...
Critical "Ni8mare" Bug Allows Hackers to Take Over n8n Servers
A critical, maximum-severity vulnerability (CVSS 10.0) in n8n allows unauthenticated remote attackers to take control of servers, posing a major risk due to the platform's widespread use and integration with sensitive enterprise systems. The flaw, named "Ni8mare," is a path traversal issue where ...
Cisco Customers Vulnerable to New Chinese Hacking Campaign
A Chinese state-sponsored hacking campaign is exploiting a critical zero-day vulnerability (CVE-2025-20393) in Cisco's Secure Email Gateway and Web Manager software, primarily targeting systems in India, Thailand, and the United States. The attack surface is limited to hundreds of systems, as exp...
GlobalLogic Hit by Cl0p Ransomware Following Oracle EBS Breach
GlobalLogic, a Hitachi-owned software firm, notified 10,471 current and former employees that their personal and financial data was stolen due to a breach in its Oracle E-Business Suite platform. The breach exploited a zero-day vulnerability in Oracle's system, leading to data exfiltration on Oct...
Pentiment, Other Games Pulled From Steam Amid Unity Security Flaw
A security flaw in Unity game engine versions from 2017.1 onward has led to the temporary removal of several popular games from Steam, affecting multiple platforms but with no current evidence of exploitation. The vulnerability, reported responsibly by a researcher, could allow unsafe file loadin...
Critical DrayTek Router Flaw Allows Remote Code Execution
A critical vulnerability (CVE-2025-10547) in DrayTek routers allows unauthenticated remote attackers to execute commands via crafted HTTP/HTTPS requests, potentially leading to system crashes or code execution. DrayTek has released firmware updates for 35 router models and advises immediate insta...
Princeton University Data Breach Exposes Donor, Alumni Info
A sophisticated phishing attack on a Princeton University employee on November 10th led to a data breach, exposing personal information of alumni, donors, students, faculty, and related individuals. The compromised database did not contain highly sensitive data like Social Security numbers, finan...
Cl0p Gang Hits Oracle in Major Data Theft Campaign
The Cl0p ransomware gang exploited a zero-day vulnerability (CVE-2025-61882) in Oracle E-Business Suite to exfiltrate data and send extortion emails to victims in August 2025. Oracle issued a security advisory for the vulnerability, which allows unauthenticated remote attackers to execute code vi...
Millions of Cisco Devices Hit by Active 0-Day Attack
A critical vulnerability (CVE-2025-20352) affects approximately two million Cisco devices, allowing attackers to crash systems or execute malicious code with the highest privileges. The flaw is a stack overflow bug in the SNMP processing component and is being actively exploited, prompting Cisco ...
Critical FortiSIEM Flaw: Exploit Code Now Public
A critical, unauthenticated remote code execution vulnerability (CVE-2025-25256) in Fortinet's FortiSIEM platform allows attackers to gain full administrative control, with public exploit code now available. The flaw resides in the phMonitor service (TCP port 7900), a recurring weak point, and pa...
Critical WatchGuard VPN Flaw Actively Exploited
A critical, actively exploited vulnerability (CVE-2025-14733) in WatchGuard's Fireware OS allows unauthenticated remote attackers to execute arbitrary code on affected systems. The flaw impacts systems using specific IKEv2 VPN configurations, and patches are available for most supported versions,...
Patch Now: Critical MongoDB RCE Flaw Demands Immediate Action
A critical, high-severity vulnerability (CVE-2025-14847) in MongoDB allows unauthenticated attackers to remotely execute code by exploiting a flaw in the zlib compression implementation. Administrators must immediately upgrade to specific patched versions (e.g., MongoDB 8.2.3) or, as a workaround...
Cisco Email Security Appliances Hacked via Unpatched Zero-Day
A critical zero-day vulnerability (CVE-2025-20393) in Cisco email security appliances is being exploited, allowing attackers to gain full control, particularly when a non-default Spam Quarantine feature is exposed to the internet. Attackers have installed a sophisticated toolkit for persistent, s...
Cisco Patches Critical Zero-Day Flaw Actively Under Attack
Cisco has released critical security patches for 14 vulnerabilities in its IOS and IOS XE software, including a high-severity flaw (CVE-2025-20352) that has been actively exploited as a zero-day. The vulnerability is a stack overflow in the SNMP subsystem, affecting a wide range of devices, and c...
Trend Micro Apex Central RCE PoC Released (CVE-2025-69258)
Trend Micro has issued a critical security update for its Apex Central on-premise platform, addressing multiple vulnerabilities, including a severe one (CVE-2025-69258) that allows unauthenticated attackers to execute code with SYSTEM privileges. The vulnerabilities, discovered by Tenable, involv...