Topic: vulnerability disclosure

  • SolarWinds Issues Urgent Patch for Critical Web Help Desk Flaw

    SolarWinds has released an urgent hotfix for a critical, unauthenticated remote code execution vulnerability (CVE-2025-26399) in its Web Help Desk software, which poses a severe risk to affected systems. The flaw is a patch bypass for a previous vulnerability and stems from unsafe deserialization...

  • Cisco Flaw (CVE-2026-20045) Actively Exploited for RCE Attacks

    A critical code injection vulnerability (CVE-2026-20045) in Cisco's unified communications products is being actively exploited, allowing attackers to execute malicious code and gain full system control. The flaw impacts several core enterprise collaboration platforms, including Cisco Unified Com...

  • Urgent: WatchGuard Firewalls Targeted by Critical Attack (CVE-2025-14733)

    Over 115,000 WatchGuard Firebox firewalls are actively being targeted via a critical, unauthenticated remote code execution flaw (CVE-2025-14733) in the Fireware OS's IKED process. The U.S. CISA has mandated patching due to active exploitation, requiring an immediate upgrade to specific fixed Fir...

  • CISA Orders Agencies to Patch Critical Fortinet Flaw in 7 Days

    CISA has mandated a 7-day deadline for U.S. government agencies to patch CVE-2025-58034, a critical Fortinet FortiWeb vulnerability being actively exploited in zero-day attacks. The vulnerability is an OS command injection flaw that allows authenticated attackers to execute arbitrary code with ro...

  • Security Firms Clash Over CVE Credit Claims

    FuzzingLabs accuses Gecko Security of copying their vulnerability discoveries and proof-of-concept exploits, including backdating blog posts to claim credit for CVEs like CVE-2025-51471 and CVE-2025-48889. Gecko Security denies intentional misconduct, attributing the overlap to parallel research ...

  • SolarWinds Patches Critical RCE Flaw in Web Help Desk

    SolarWinds has released a critical update for its Web Help Desk software to patch CVE-2025-26399, an unauthenticated remote code execution vulnerability requiring immediate action to prevent system compromise. The flaw, located in the AjaxProxy class, allows remote attackers to execute arbitrary ...

  • Urgent: NetScaler Zero-Day Exploit Actively Attacked (CVE-2025-7775)

    Three critical vulnerabilities have been discovered in Citrix NetScaler ADC and Gateway devices, with CVE-2025-7775 already being actively exploited for remote code execution and denial of service. Citrix has released security updates for affected versions and strongly advises immediate patching,...

  • BeyondTrust Patches Critical Pre-Auth RCE Flaw in Remote Access Tools

    A critical security flaw (CVE-2026-1731) in BeyondTrust's self-hosted remote access software allows unauthenticated attackers to execute arbitrary OS commands, posing a severe risk of complete system compromise. The vulnerability impacts specific versions of Remote Support and Privileged Remote A...

  • Portugal Exempts Security Researchers From Cybercrime Law

    Portugal has enacted a new law creating a legal safe harbor for good-faith security researchers, protecting them from prosecution for activities aimed at uncovering and responsibly disclosing software vulnerabilities. To qualify, researchers must follow strict rules: they cannot seek extra econom...

  • Portugal's New Cybercrime Law Shields Security Researchers

    Portugal has enacted a safe harbor law, exempting ethical cybersecurity research from prosecution if it is conducted responsibly and without seeking economic benefit. The law requires researchers to act proportionally, avoid harmful methods like data theft, and confidentially report vulnerabiliti...

  • Telegram Channels Reveal SmarterMail Exploits in the Wild

    Threat actors are rapidly weaponizing critical vulnerabilities in SmarterMail (CVE-2026-24423 and CVE-2026-23760), sharing exploit code and credentials to enable server takeover and ransomware campaigns. These flaws have already been exploited in real-world incidents, including a breach at Smarte...

  • DJI Robovac Security Flaw Exposed Thousands to Remote Access

    A hobbyist accidentally discovered a major security flaw in DJI's Romo vacuum, allowing remote access to thousands of devices globally and exposing sensitive data like live camera feeds and home floor plans. DJI patched the vulnerability after notification, attributing it to a server permission i...

  • SmarterMail Flaw Lets Attackers Hijack Admin Accounts

    A critical authentication bypass flaw in SmarterMail's 'force-reset-password' API endpoint allows attackers to hijack administrator accounts and gain full server control. Threat actors began exploiting the vulnerability just two days after the patch was released, suggesting they reverse-engineere...

  • Gladinet patches critical zero-day flaw in file-sharing software

    Gladinet has released a critical security update for CentreStack to address CVE-2025-11371, a zero-day vulnerability that allowed attackers to bypass protections and execute remote code on systems. The flaw, discovered by Huntress, involved inadequate input sanitization enabling directory travers...

  • UK NCSC Backs Public Disclosure of AI Security Flaws

    UK cybersecurity and AI authorities advocate for crowdsourced initiatives to identify and address AI vulnerabilities, emphasizing the rising risks from malicious exploitation of advanced platforms. In response to AI system breaches, developers have launched bug bounty programs to incentivize ethi...

  • Microsoft Entra ID Flaw Let Attackers Hijack Company Tenants

    A critical vulnerability (CVE-2025-55241) in Microsoft's Entra ID could have allowed attackers to gain full control over an organization's tenant by exploiting unsigned "actor tokens" and a weakness in the Azure AD Graph API. The flaw enabled attackers to impersonate any user, escalate privileges...

  • Critical Windows Admin Center Flaw Exposed by Microsoft (CVE-2026-26119)

    Microsoft has patched a critical privilege-escalation vulnerability (CVE-2026-26119) in Windows Admin Center, which could allow attackers with basic credentials to gain elevated system rights. The flaw, involving improper authentication, is remotely exploitable with low complexity and no user int...

  • Student admissions site bug leaked children's data

    A major security flaw on the Ravenna Hub admissions platform exposed sensitive personal data of children and families, including names, addresses, and photos, due to an insecure direct object reference (IDOR) vulnerability. The platform's developer, VenturEd Solutions, quickly fixed the issue but...

  • Critical Windows Notepad Flaw (CVE-2026-20841) Enables RCE via Markdown

    A critical vulnerability (CVE-2026-20841) in Windows Notepad, stemming from its new Markdown support, allowed remote code execution via malicious links in Markdown files. Exploitation required user interaction, such as clicking a crafted link, but was made easier as Markdown files are often perce...

  • CISA Alerts: SmarterMail RCE Flaw Actively Exploited in Ransomware

    A critical, unauthenticated remote code execution flaw (CVE-2026-24423) in SmarterMail is being actively exploited by ransomware groups, prompting urgent warnings from CISA. The vulnerability, stemming from a missing authentication check, allows attackers to take control of unpatched systems, and...

  • 6,000+ SmarterMail Servers Vulnerable to Hijacking

    A critical authentication bypass vulnerability (CVE-2026-23760) in SmarterMail email servers allows attackers to reset administrator passwords and take full control of unpatched systems. Security researchers have identified thousands of vulnerable servers, with evidence of widespread, automated e...

  • Critical JumpCloud Windows Agent Flaw Allows Local Privilege Escalation

    A critical security flaw (CVE-2025-34352) in JumpCloud's Remote Assist for Windows agent allows local users to escalate privileges to SYSTEM level or cause denial-of-service attacks by exploiting insecure file handling during uninstallation. The vulnerability stems from the agent's uninstaller pe...

  • Freedom Chat App Exposed Users' Phone Numbers and PINs

    Freedom Chat, a privacy-focused messaging app, fixed two major vulnerabilities that allowed attackers to identify registered users' phone numbers and exposed their app-lock PINs to other users in public channels. Security researcher Eric Daigle discovered the flaws, which included weak server pro...

  • Cloudflare Outage Linked to React2Shell Mitigation Efforts

    A widespread Cloudflare outage was caused by an emergency security patch for a critical, actively exploited vulnerability (React2Shell/CVE-2025-55182) in React Server Components, not by a cyberattack. The update, intended to block exploitation attempts, inadvertently failed and disrupted about 28...

  • Critical React & Node.js Flaw Patched: Update Now (CVE-2025-55182)

    A critical remote code execution vulnerability (CVE-2025-55182) affects React versions 19.0.0 through 19.2.0, requiring an immediate update to version 19.2.1. The flaw involves unsafe deserialization in React Server Components, impacting not only React but also major dependent frameworks like Nex...

  • WordPress Plugin Flaw Gives Hackers Admin Access

    A severe vulnerability (CVE-2026-23550) in the Modular DS WordPress plugin is being actively exploited, allowing attackers to gain full administrative control over websites with over 40,000 active installations. The flaw, present in versions 2.5.1 and older, stems from inadequate request verifica...

  • Urgent CISA Alert: Active Attacks Exploit Critical CentOS Bug

    A critical security flaw (CVE-2025-48703) in CentOS Web Panel allows unauthenticated attackers to execute arbitrary commands, prompting CISA to issue an urgent patch-or-discontinue directive by November 25. The vulnerability stems from improper handling of the 'changePerm' endpoint and unsanitize...

  • Active Attack Exploits Critical Adobe Commerce, Magento Flaw

    Security researchers have identified active exploitation of a critical Adobe Commerce and Magento vulnerability (CVE-2025-54236, SessionReaper), which allows attackers to hijack customer accounts and potentially execute remote code, with over 250 attack attempts blocked in a single day. The vulne...

  • Urgent CISA Alert: Active Attacks Exploit Critical Linux Sudo Flaw

    A critical vulnerability (CVE-2025-32463) in Linux sudo versions 1.9.14 to 1.9.17 allows local attackers to escalate privileges to root using the -R option, even without sudoers file authorization. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added this flaw to its Known E...

  • CISA Flags Spyware Zero-Day in Urgent Security Alert

    US authorities issued a critical security alert for a high-risk vulnerability in Samsung mobile devices, exploited since mid-2024 to install spyware via malicious files on WhatsApp. The vulnerability, CVE-2025-21042 with a CVSS score of 9.8, enables attackers to use LandFall spyware for surveilla...

  • DockerDash Exposes Critical AI Supply Chain Flaw

    A critical vulnerability named DockerDash in Docker's Ask Gordon AI assistant allows attackers to inject malicious commands via manipulated Docker image metadata, bypassing security due to a lack of validation. The flaw enables remote code execution in cloud/CLI environments and data exfiltration...

  • Anthropic's Official Git MCP Server Exposes Prompt Injection Bugs

    Critical vulnerabilities were discovered in Anthropic's official Git server for its Model Context Protocol (MCP), exploitable via prompt injection attacks to manipulate AI assistants into unauthorized actions. The flaws, present in default installations, allow attackers to execute code, delete fi...

  • US Cargo Firm Exposes Shipping Systems and Customer Data Online

    Security experts warn that cyberattacks on logistics firms are enabling large-scale cargo theft, creating a dangerous alliance between hackers and organized crime that threatens global supply chains. A researcher discovered severe vulnerabilities in Bluspark Global's shipping software, including ...

  • Beware: VSCode Forks Risk "Recommended Extension" Attacks

    A security flaw in popular AI-assisted IDEs (like Cursor and Windsurf) stems from their inherited "recommended extension" lists pointing to Microsoft's marketplace, which they cannot access, leaving unclaimed namespaces vulnerable to malicious takeover on the OpenVSX registry they use instead. Th...

  • Google: Microsoft WSUS Attacks Strike Multiple Organizations

    A critical remote code execution vulnerability (CVE-2025-59287) in Microsoft's WSUS is being actively exploited, affecting Windows Server versions from 2012 to 2025, despite an emergency patch being released after initial fixes failed. Exploitation involves unauthenticated attackers running arbit...

  • New Ethics Rules for Cybersecurity Research: What You Need to Know

    Major cybersecurity conferences are implementing new ethics requirements for research submissions, requiring authors to include stakeholder-based ethics analyses in their papers. A new framework has been developed to help researchers systematically identify all affected parties and assess potenti...

  • SAP S/4HANA Vulnerability Actively Exploited in Attacks

    A critical vulnerability (CVE-2025-42957) in SAP S/4HANA allows attackers to execute unauthorized code and gain administrative control. Despite a patch being available since August 2025, many systems remain unpatched, leading to active exploitation in the wild. Successful attacks can result in se...

  • Urgent: Patch Windows SMB Flaw Being Actively Exploited

    A critical Windows SMB Client vulnerability (CVE-2025-33073) is being actively exploited, allowing attackers to gain SYSTEM-level privileges through a malicious script that compromises SMB connections. Microsoft patched the flaw in June 2025, and CISA has added it to its Known Exploited Vulnerabi...

  • Ransomware Attack Hits SmarterMail via Critical Flaw

    A ransomware attack on SmarterTools began via an unpatched, employee-created virtual machine running outdated SmarterMail software, which allowed lateral movement into office and data center networks. The breach, attributed to the Warlock group exploiting a known vulnerability, led the company to...

  • CISA Warns: Ransomware Attackers Exploit VMware ESXi Flaw

    A critical VMware ESXi vulnerability (CVE-2025-22225) is now actively exploited by ransomware groups, prompting urgent patching calls from CISA. The flaw is part of a trio of zero-days; new analysis reveals a toolkit weaponizing all three, potentially developed by Chinese-speaking actors as early...

  • Critical RCE Flaw Found in BeyondTrust Remote Support Software

    A critical pre-authentication command injection flaw (CVE-2026-1731) in BeyondTrust's Remote Support and Privileged Remote Access software allows unauthenticated attackers to remotely execute arbitrary commands. The vulnerability, impacting thousands of on-premises instances, requires immediate m...

  • Critical FortiSIEM Exploit Released: CVE-2025-64155 PoC

    A critical vulnerability (CVE-2025-64155) in Fortinet's FortiSIEM platform now has public exploit code, allowing unauthenticated attackers to remotely execute arbitrary code with root privileges. Fortinet has released patches, and customers are urged to immediately upgrade to fixed versions; a te...

  • Trend Micro Apex Central RCE PoC Released (CVE-2025-69258)

    Trend Micro has issued a critical security update for its Apex Central on-premise platform, addressing multiple vulnerabilities, including a severe one (CVE-2025-69258) that allows unauthenticated attackers to execute code with SYSTEM privileges. The vulnerabilities, discovered by Tenable, involv...

  • AI Supply Chains at Risk from Critical PickleScan Flaws

    Researchers discovered three critical zero-day vulnerabilities (CVSS 9.3) in PickleScan, a tool for inspecting Python pickle files and PyTorch models, which allow attackers to bypass security checks and distribute malicious machine learning models. The flaws include a file extension bypass, a dis...

  • Synology Patches Critical BeeStation Flaws Exposed at Pwn2Own

    Synology released a critical security update for BeeStation devices to fix a remote code execution vulnerability (CVE-2025-12686) caused by an unchecked buffer copy operation. The flaw was exploited live at Pwn2Own Ireland 2025, earning researchers a $40,000 prize, and users must upgrade to BeeSt...

  • Cisco ASA Firewalls Remain Vulnerable to Zero-Day Attacks

    Approximately 48,000 Cisco ASA devices remain vulnerable to active zero-day attacks, posing ongoing risks globally, with the majority located in the U.S. and other key countries. Attackers have used advanced tactics, including disabling logging and intercepting commands, to exploit vulnerabilitie...

  • Google Fast Pair Flaw Exposes Sony, Anker Headphones

    A security flaw in Google's Fast Pair protocol, named WhisperPair, allows attackers to secretly pair with and eavesdrop on popular Bluetooth audio devices, even when used with iPhones. The vulnerability stems from manufacturers not enforcing a key protocol rule, enabling attackers to intercept ca...

  • Exploit Alert: Actively Targeted HPE OneView Flaw (CVE-2025-37164)

    A critical, actively exploited vulnerability (CVE-2025-37164) in HPE OneView allows unauthenticated remote code execution, prompting urgent patching. The flaw is especially dangerous because the management platform holds deep network access and broad control over servers and firmware, making it a...

  • Critical Flaws Found in Fluent Bit Logging Agent

    Severe security vulnerabilities have been discovered in Fluent Bit, a widely used telemetry logging tool installed over 15 billion times, impacting core functions in banking, cloud, and SaaS environments. The flaws include input validation issues, tag manipulation, path traversal, buffer overflow...

  • Urgent Windows Flaw CVE-2025-9491 Actively Exploited by Hackers

    A critical Windows security flaw (CVE-2025-9491) is being actively exploited by hacking group UNC6384, enabling unauthorized code execution through malicious LNK files in spearphishing campaigns targeting European diplomatic and aviation entities. The exploitation involves a multi-stage malware c...
