Topic: zero-day exploitation

  • Gladinet patches critical zero-day flaw in file-sharing software

    Gladinet has released a critical security update for CentreStack to address CVE-2025-11371, a zero-day vulnerability that allowed attackers to bypass protections and execute remote code on systems. The flaw, discovered by Huntress, involved inadequate input sanitization enabling directory travers...

  • Microsoft GoAnywhere Flaw Fuels Ransomware Attacks

    A critical vulnerability (CVE-2025-10035) in Fortra's GoAnywhere MFT platform is being exploited by ransomware attackers, allowing remote access without user interaction. The cybercrime group Storm-1175, linked to Medusa ransomware, is actively using this flaw to gain initial access, deploy remot...

  • CISA Warns: Malware Kits Found in Ivanti EPMM Attacks

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified malware exploiting two vulnerabilities in Ivanti Endpoint Manager Mobile, enabling remote command execution. A China-linked espionage group has been actively using these vulnerabilities as zero-days since mid-May to e...

  • Urgent: NetScaler Zero-Day Exploit Actively Attacked (CVE-2025-7775)

    Three critical vulnerabilities have been discovered in Citrix NetScaler ADC and Gateway devices, with CVE-2025-7775 already being actively exploited for remote code execution and denial of service. Citrix has released security updates for affected versions and strongly advises immediate patching,...

  • 'BRICKSTORM' Backdoor: Chinese Hackers Target US Firms

    A sophisticated cyber espionage campaign using the BRICKSTORM backdoor is targeting U.S. companies, particularly in legal, tech, and SaaS sectors, and is attributed to Chinese-aligned hackers with goals beyond intelligence gathering. The threat actors, known as UNC5221, employ a complex, multi-st...

  • Chinese Hackers Exploiting VMware Zero-Day Since 2024

    A critical privilege escalation vulnerability (CVE-2025-41244) in Broadcom's VMware software has been actively exploited since October 2024, allowing attackers to gain root-level control over affected virtual machines. The exploitation has been attributed to UNC5174, a Chinese state-sponsored thr...

  • Cisco Hackers Use SNMP Flaw to Install Rootkit on Switches

    Cybersecurity experts warn of a serious threat exploiting a recently patched remote code execution vulnerability (CVE-2025-20352) in Cisco networking hardware, allowing attackers with root access to install persistent rootkits. The campaign, named 'Operation Zero Disco', targets Cisco switches li...

  • Microsoft GoAnywhere Bug Fuels Medusa Ransomware Attacks

    A critical vulnerability (CVE-2025-10035) in Fortra's GoAnywhere platform allows unauthenticated attackers to execute remote code, prompting urgent patching and removal of internet exposure. The flaw was exploited as a zero-day by Storm-1175, who used legitimate tools for reconnaissance and deplo...

  • Oracle Issues Urgent Patch for Critical E-Business Suite Flaw

    Oracle has released an urgent security patch for a critical vulnerability (CVE-2025-61884) in its E-Business Suite, which can be exploited remotely without authentication to access confidential information. The vulnerability, with a CVSS score of 7.5, affects EBS versions 12.2.3 to 12.2.14, and O...

  • Dutch Orgs Hacked via Citrix Netscaler Flaw CVE-2025-6543

    Dutch organizations were targeted by cyberattacks exploiting Citrix NetScaler vulnerability CVE-2025-6543, allowing remote code execution or denial-of-service, with breaches obscured by attackers. The flaw, a memory overflow issue in Citrix NetScaler systems, was exploited as a zero-day before pa...

  • Cl0p Gang Hits Oracle in Major Data Theft Campaign

    The Cl0p ransomware gang exploited a zero-day vulnerability (CVE-2025-61882) in Oracle E-Business Suite to exfiltrate data and send extortion emails to victims in August 2025. Oracle issued a security advisory for the vulnerability, which allows unauthenticated remote attackers to execute code vi...

  • Unpatched Fortra GoAnywhere Flaw Risks Full System Takeover

    A critical vulnerability (CVE-2025-10035) in Fortra's GoAnywhere MFT platform allows full system takeover via a deserialization flaw in the License servlet, requiring immediate patching. Exploitation necessitates access to the admin console, echoing a 2023 incident where exposed consoles led to w...

  • 3,000+ Unpatched NetScaler Devices Vulnerable to CitrixBleed 2

    Over 3,300 Citrix NetScaler systems remain unpatched against CVE-2025-5777 (CitrixBleed 2), exposing organizations to session hijacking and data theft despite available fixes. The flaw allows attackers to bypass authentication, intercept session tokens, and compromise credentials, with active exp...
