Topic: zero-day attacks
-
CISA Orders Agencies to Patch Critical Fortinet Flaw in 7 Days
CISA has mandated a 7-day deadline for U.S. government agencies to patch CVE-2025-58034, a critical Fortinet FortiWeb vulnerability being actively exploited in zero-day attacks. The vulnerability is an OS command injection flaw that allows authenticated attackers to execute arbitrary code with ro...
-
Cisco ASA Zero-Day & Fortra GoAnywhere Under Active Attack
A wave of sophisticated cyberattacks is exploiting newly discovered zero-day vulnerabilities in critical enterprise infrastructure, including Cisco's ASA and Fortra's GoAnywhere, posing significant risks to organizational networks and sensitive data. Law firms are increasingly targeted by cybercr...
-
300k+ Plex Servers Still Vulnerable to Attack, Git RCE Exploited
Over 300,000 Plex Media Server systems remain vulnerable to attack due to an unpatched critical flaw, risking media libraries and personal data. Multiple sectors face active threats, including Git systems exploited for remote code execution and NetScaler devices targeted via a zero-day vulnerabil...
-
CISA Mandates Urgent Patch for Actively Exploited Gogs Flaw
A critical remote code execution flaw (CVE-2025-8110) in Gogs is being actively exploited, allowing attackers to run arbitrary commands by manipulating Git configuration files. CISA has mandated all federal agencies to patch the vulnerability by February 2026, as over 1,400 public Gogs servers ar...
-
Cisco Patches Critical Zero-Day Flaw Actively Under Attack
Cisco has released critical security patches for 14 vulnerabilities in its IOS and IOS XE software, including a high-severity flaw (CVE-2025-20352) that has been actively exploited as a zero-day. The vulnerability is a stack overflow in the SNMP subsystem, affecting a wide range of devices, and c...
-
SonicWall SMA1000 Zero-Day Exploited in Active Attacks
SonicWall has issued an urgent alert for SMA1000 appliance users to apply a critical update, as active attacks exploit a new medium-severity local privilege escalation flaw (CVE-2025-40602) chained with a previously patched critical bug to achieve remote code execution with root privileges. The v...
-
Cisco Zero-Day Exploited to Plant Rootkits on Network Switches
A critical vulnerability (CVE-2025-20352) in Cisco's network operating systems allowed attackers with administrative credentials to execute remote code and install persistent Linux rootkits on switches. Attackers implanted a rootkit that sets a universal password, uses memory hooks to hide filele...
-
Clop Ransomware Group Claims Oracle Data Theft in New Extortion Emails
A sophisticated extortion campaign is targeting corporate executives with emails alleging data theft from Oracle E-Business Suite systems, tracked by security firms Mandiant and Google. Attackers, potentially linked to the Clop ransomware group and historically connected to FIN11, demand payment ...
-
Check Point and Wiz Partner to Unify CNAPP and Cloud Security
Check Point and Wiz have launched an integrated cloud security platform that combines prevention-first network security with CNAPP capabilities, enhancing visibility and AI-driven threat prevention. The partnership enables organizations to shift from remediation to prevention, offering real-time ...
-
CISA Warns Active Exploits Target Critical VMware RCE Flaw
A critical security flaw (CVE-2024-37079) in VMware vCenter Server is under active exploitation, allowing remote code execution via a low-complexity attack. U.S. federal agencies are mandated to patch the vulnerability within three weeks, as there are no available workarounds, only the vendor-pro...