Topic: vulnerability exploitation

  • FortiGate Firewalls Under Attack: Critical Auth Bypass Exploited

    Attackers are actively exploiting a critical Fortinet firewall vulnerability (CVE-2025-59718) to bypass authentication and steal sensitive network configuration files containing encrypted credentials. The flaw, along with a related one (CVE-2025-59719), stems from improper cryptographic signature...

  • WatchGuard Firewalls Hacked, Fake PoCs Target Security Pros

    Critical vulnerabilities in widely used firewalls like WatchGuard are being actively exploited, requiring immediate patching to prevent network breaches. Threat actors are deploying sophisticated social engineering, such as malware disguised as exploit code, and leveraging darknet AI assistants t...

  • Cisco Zero-Day Exploited, Kali Linux 2025.4 Released

    A critical zero-day vulnerability in Cisco's email security appliances is being actively exploited by a suspected Chinese-nexus group to compromise devices and erase logs, highlighting urgent patch management needs. Major vendors like Fortinet, SonicWall, and Apple are addressing serious, activel...

  • New Gladinet Triofox Flaw Exploited by Attackers (CVE-2025-12480)

    A critical security flaw (CVE-2025-12480) in Gladinet Triofox allows unauthenticated attackers to bypass access controls and gain administrative privileges, which has been exploited by the threat group UNC6485 since late August 2025. Attackers used an HTTP Host header attack to access the configu...

  • Triofox Hack: Critical File-Sharing Flaw Exploited

    A critical security vulnerability (CVE-2025-12480) in Gladinet's Triofox platform allows attackers to execute malicious code by exploiting improper access control and manipulating the antivirus feature, affecting versions prior to 16.7.10368.56560. The exploitation campaign, tracked as UNC6485, b...

  • Urgent: Critical Web Panel Flaw Actively Exploited (CVE-2025-48703)

    A critical security vulnerability (CVE-2025-48703) in Control Web Panel (CWP) is being actively exploited, posing a severe threat to web hosting environments and prompting its addition to CISA's Known Exploited Vulnerabilities catalog. The flaw is an OS command injection that allows unauthenticat...

  • Zero-Day Attack Exploits Lanscope Endpoint Manager Flaw

    A critical zero-day vulnerability (CVE-2025-61932) in Lanscope Endpoint Manager is being actively exploited, primarily targeting Japanese customers since April 2025. The flaw affects on-premises versions up to 9.4.7.1, allowing attackers to execute arbitrary code via TCP port 443, while the cloud...

  • Windows SMB Flaw Exploited, OAuth Apps Hijacked

    Digital security faces escalating threats including active exploitation of critical Windows SMB and WSUS vulnerabilities, alongside attackers hijacking trusted OAuth applications to create persistent cloud backdoors. The attack surface is expanding dramatically as interconnected systems link oper...

  • Active Attack Exploits Critical Adobe Commerce, Magento Flaw

    Security researchers have identified active exploitation of a critical Adobe Commerce and Magento vulnerability (CVE-2025-54236, SessionReaper), which allows attackers to hijack customer accounts and potentially execute remote code, with over 250 attack attempts blocked in a single day. The vulne...

  • Hackers Exploit Critical Oracle Flaw, CISA Confirms

    CISA has added the critical Oracle E-Business Suite vulnerability CVE-2025-61884 to its Known Exploited Vulnerabilities catalog, confirming active exploitation and mandating federal agencies to patch by November 10, 2025. The vulnerability is an unauthenticated server-side request forgery (SSRF) ...

  • Urgent: Active Attacks Target Unpatched Gladinet Flaw (CVE-2025-11371)

    A critical unauthenticated Local File Inclusion vulnerability (CVE-2025-11371) is actively being exploited, allowing attackers to remotely access any file on systems using Gladinet's CentreStack and Triofox platforms without credentials. Security researchers at Huntress confirmed real-world attac...

  • Urgent: CISA Warns of Active Attacks on Critical Adobe Flaw

    CISA has issued a critical alert about active exploitation of a maximum-severity vulnerability (CVE-2025-54253) in Adobe Experience Manager, allowing attackers to execute malicious code on unpatched systems. The flaw, discovered by security researchers, enables unauthenticated attackers to bypass...

  • Fortra GoAnywhere MFT Zero-Day Actively Exploited

    A critical vulnerability (CVE-2025-10035) in Fortra's GoAnywhere MFT was exploited for over a week before a patch was released on September 18, 2025, allowing attackers to achieve remote code execution. The flaw, a deserialization vulnerability with a CVSS score of 10.0, enabled threat actors to ...

  • Fortra GoAnywhere Zero-Day Exploited: Critical Flaw CVE-2025-10035

    A critical vulnerability (CVE-2025-10035) in Fortra's GoAnywhere platform, scoring 10.0 in severity, was exploited in zero-day attacks due to a deserialization flaw, with patches released on September 15, 2025. Evidence shows exploitation began as early as September 10, 2025, giving attackers an ...

  • DELMIA Factory Software Under Active Attack: Critical Vulnerability Exploited

    A critical vulnerability (CVE-2025-5086) in DELMIA Apriso manufacturing software is being actively exploited, posing a major risk to global manufacturing sectors. The flaw, with a high CVSS score of 9.0, allows remote code execution and affects all releases from 2020 to 2025, prompting urgent pat...

  • 300k+ Plex Servers Still Vulnerable to Attack, Git RCE Exploited

    Over 300,000 Plex Media Server systems remain vulnerable to attack due to an unpatched critical flaw, risking media libraries and personal data. Multiple sectors face active threats, including Git systems exploited for remote code execution and NetScaler devices targeted via a zero-day vulnerabil...

  • Akira Ransomware Actively Exploits Critical SonicWall VPN Flaw

    The Akira ransomware group is exploiting CVE-2024-40766, a known vulnerability in SonicWall VPN appliances, to breach unpatched corporate networks. Despite a patch being available since August 2024, incomplete updates and unchanged default credentials allow attackers to bypass security measures l...

  • State Hackers Exploit Most Software Vulnerabilities

    State-sponsored hackers were responsible for over half of all attributed software vulnerability exploits in the first half of 2025, primarily targeting critical infrastructure and enterprise systems for espionage rather than financial gain. Chinese state-linked groups dominated these activities, ...

  • Bitdefender & NETGEAR: Rising Home Cybersecurity Threats

    Modern homes face nearly triple the daily cybersecurity attacks compared to last year, with households averaging 22 connected devices and enduring about 29 attacks daily. Entertainment devices like streaming systems, smart TVs, and IP cameras are the most vulnerable, often unpatched and accountin...

  • Windows Kernel Flaw Fixed, Fortinet Zero-Day Exploited

    Cybersecurity demands constant vigilance against evolving threats like zero-day exploits and requires organizations to adopt layered defense strategies that combine awareness, collaboration, and resilience. Emerging technologies are reshaping security, with innovations such as touchless Wi-Fi ent...

  • Bitdefender & NETGEAR: Rising Threats to Your Connected Home

    The average household now contains 22 connected devices and faces nearly 29 daily cyberattacks, a nearly threefold increase from the previous year, highlighting the growing threat to smart homes. Entertainment devices like streaming gadgets, smart TVs, and IP cameras are the most vulnerable, ofte...

  • Urgent Windows Update: 2-Week Security Deadline

    Microsoft has released urgent security updates addressing two actively exploited zero-day vulnerabilities, with federal agencies mandated to patch within two weeks to prevent system compromise. CVE-2025-59230 is a local privilege escalation flaw in Windows Remote Access Connection Manager, while ...

  • Salesforce, CentreStack Hit by Hackers in Zero-Day Attacks

    Major platforms like Salesforce and CentreStack have been compromised by zero-day vulnerabilities, underscoring the need for timely patching and robust security measures. Recent incidents include the Cl0p gang exploiting Oracle E-Business Suite flaws and North Korean hackers stealing over $2 bill...

  • Phishing Leads EU Cyber Intrusions, ENISA Reports

    Phishing was the leading initial attack method in the EU, responsible for 60% of intrusions, with outdated mobile and OT systems being prime targets. DDoS attacks comprised 77% of all incidents, largely driven by hacktivism, but only 2% caused service disruptions, with groups like NoName057(16) e...

  • SonicWall VPN Attacks Intensify, MFA Bypassed

    A ransomware group named Akira is exploiting SonicWall SSL VPN appliances, primarily through a known vulnerability (CVE-2024-40766), to bypass multi-factor authentication and gain unauthorized access. The attacks are highly automated and rapid, with intruders moving quickly to scan networks and d...

  • Chrome 0-Day Patched, npm Attack, LinkedIn AI Data Scandal

    A large majority (89%) of enterprise AI usage is undetected by IT and security teams, posing significant data privacy and compliance risks. Security experts emphasize the importance of engineering-driven protection and secure-by-design approaches over mere compliance checkboxes. Emerging threats ...

  • Hackers Weaponize Hexstrike-AI to Speed Up Cyberattacks

    A new AI-driven tool called Hexstrike-AI, designed for cybersecurity testing, is being misused by threat actors to rapidly exploit vulnerabilities, particularly targeting Citrix NetScaler zero-day flaws. The tool automates complex tasks like reconnaissance, exploit crafting, and payload deploymen...

  • Hackers Unleash HexStrike-AI to Exploit n-Day Flaws Faster

    AI-powered tools like HexStrike-AI are being repurposed by cybercriminals to automate attacks, drastically reducing the time between vulnerability disclosure and exploitation. These attacks are targeting specific vulnerabilities in Citrix NetScaler appliances, with threat actors achieving remote ...

  • Clop Ransomware Strikes Gladinet CentreStack, Steals Data

    The Clop ransomware gang is actively targeting businesses using Gladinet CentreStack file-sharing servers by exploiting an unidentified vulnerability to steal sensitive data. Security researchers have identified at least 200 potentially vulnerable servers, and the Clop group has a history of succ...

  • RondoDox Botnet Exploits Critical XWiki Server Flaw

    The RondoDox botnet malware is actively exploiting a critical remote code execution vulnerability (CVE-2025-24893) in XWiki Platform, as confirmed by U.S. cybersecurity authorities and VulnCheck. This malware uses manipulated HTTP requests to inject and execute malicious code, downloading scripts...

  • Zero-Day Attack Hits Gladinet File Sharing Software

    A zero-day vulnerability (CVE-2025-11371) in Gladinet's CentreStack and Triofox platforms allows unauthenticated attackers to access sensitive files via Local File Inclusion, with at least three organizations already targeted. Attackers exploit the LFI flaw to retrieve machine keys and chain it w...

  • Nation-State Hackers Breach F5, Endangering Thousands of Customers

    A nation-state hacking group infiltrated F5's networks, compromising thousands of organizations, including US government agencies and Fortune 500 companies, posing a severe global cybersecurity threat. The attackers maintained undetected access for years, enabling them to steal BIG-IP source code...

  • Libraesva ESG Zero-Day Exploited in Active Attacks (CVE-2025-59689)

    A critical zero-day vulnerability (CVE-2025-59689) in the Libraesva Email Security Gateway is being actively exploited by a suspected state-sponsored actor, allowing arbitrary command execution on affected systems. The flaw is a command injection vulnerability caused by improper input sanitizatio...

  • Don't Wait on NVD: Get Real-Time Vulnerability Alerts Instantly

    Vulnerability management is essential for cybersecurity, but many organizations struggle to keep up with emerging threats due to the high volume of software components and actively exploited vulnerabilities. SecAlerts offers a modern solution by providing real-time, customized vulnerability alert...

  • CISA Alerts: 2 New Dassault Flaws Under Active Attack

    CISA warns that two new security flaws in Dassault Systèmes' DELMIA Apriso platform are being actively exploited, posing risks to manufacturing operations management. The vulnerabilities include CVE-2025-6205, allowing unauthenticated remote access, and CVE-2025-6204, enabling code injection, wit...

  • China's Salt Typhoon Hackers Target European Telecoms

    A China-linked cyber espionage group known as Salt Typhoon is targeting European telecommunications providers to infiltrate critical infrastructure for intelligence gathering and surveillance. The attackers exploited a Citrix NetScaler Gateway vulnerability, deployed the SNAPPYBEE backdoor via DL...

  • Clop Ransomware Group Claims Oracle Data Theft in New Extortion Emails

    A sophisticated extortion campaign is targeting corporate executives with emails alleging data theft from Oracle E-Business Suite systems, tracked by security firms Mandiant and Google. Attackers, potentially linked to the Clop ransomware group and historically connected to FIN11, demand payment ...

  • Hadrian's AI Hunts Security Flaws Before Hackers Can

    Hadrian's new Agentic AI Platform deploys autonomous AI agents to proactively hunt for and test security vulnerabilities across a company's external digital footprint, aiming to shift cybersecurity from reactive to persistently proactive. The urgency for such technology is driven by a sharp incre...

  • Kindle Ebook Hack Leads to Amazon Account Hijacking

    A security researcher demonstrated that a malicious ebook file could exploit a Kindle's software to grant an attacker complete control over the user's linked Amazon account, including stored payment details. The research, presented at Black Hat Europe, highlights how the Kindle's persistent conne...

  • Cox Enterprises Hit by Oracle EBS Data Breach

    Cox Enterprises suffered a data breach after hackers exploited a zero-day vulnerability in Oracle's E-Business Suite, compromising personal information of thousands and delaying detection until weeks after the attack. The Cl0p ransomware group claimed responsibility, known for weaponizing undisco...

  • Cisco Warns: Aging Tech Poses Major AI Security Risk

    Aging digital infrastructure poses a growing security threat, as outdated systems like routers and network storage often lack patches and support, leaving them vulnerable to exploitation by AI-enhanced attackers. Cisco's "Resilient Infrastructure" initiative addresses this by alerting customers t...

  • Cisco UCCX Flaws Fixed, November 2025 Patch Tuesday Outlook

    Cisco has released critical patches for UCCX vulnerabilities (CVE-2025-20358 and CVE-2025-20354) that could allow attackers to bypass authentication and gain root access, urging immediate updates. New threats include active exploitation of CVE-2025-48703 in Control Web Panel, malware using LLMs t...

  • Secure Your Smart Building: Why Intelligence Demands Protection

    Smart buildings offer convenience through automated systems but face serious cybersecurity risks, as criminals can exploit vulnerabilities to control essential functions like HVAC and security. The rapid growth of the smart building market is accompanied by outdated systems and protocols, with ma...

  • Australia's 2024-2025 Cyber Threat Report Reveals Key Security Trends

    Australia is experiencing a sharp increase in cybersecurity threats, driven by its growing reliance on internet-connected technology and targeting by both criminal and state-sponsored actors, leading to significant financial losses and a rise in incidents. State-backed cyber actors and cybercrimi...

  • Ransomware Surge Intensifies the Battle for Cyber Defenders

    Ransomware attacks have surged dramatically, with a 20% increase in victims in the first half of the year, driven by the widespread Ransomware-as-a-Service model. The threat landscape is increasingly volatile, with 88 active groups and 35 new entities, making it difficult to track threats as atta...

  • How 'Murky Panda' Hackers Breach Cloud Customers

    A Chinese state-sponsored hacking group known as Murky Panda or Silk Typhoon exploits trusted cloud service relationships to infiltrate networks of government, tech, and academic organizations, particularly in North America. The group uses sophisticated tactics such as compromising cloud provider...

  • Gartner Urges Temporary Halt to AI Browser Features

    Gartner advises businesses to temporarily block AI-powered browsers due to significant security risks, like data loss and exploitation, that currently outweigh their productivity benefits. Key threats include indirect prompt injection attacks, credential theft from phishing, and costly erroneous ...

  • AI's Critical Role in Modern Cybersecurity

    AI enhances cybersecurity by processing large data volumes, identifying anomalies, and automating tasks to defend against sophisticated threats. Cybercriminals use AI for automated attacks and stealthy techniques, requiring equally advanced defenses to counter them at machine speed. AI addresses ...

  • Critical Veeam Flaws Let Hackers Execute Code on Backup Servers

    Veeam has released a critical security patch for its Backup & Replication software to address a high-severity remote code execution vulnerability (CVE-2025-59470) that requires privileged account access. The update fixes two additional vulnerabilities, including one allowing remote code execution...

  • China-Linked 'Warp Panda' Hacks North American Firms in Espionage Campaign

    A Chinese state-linked cyber-espionage group, 'Warp Panda,' is targeting North American legal, tech, and manufacturing firms for intelligence aligned with China's strategic priorities. The group demonstrates high sophistication, exploiting vulnerabilities to access VMware vCenter systems and depl...
