Topic: zero-day vulnerability
-
SonicWall firewalls targeted in rising Akira ransomware attacks
SonicWall firewalls are being targeted in Akira ransomware attacks, potentially exploiting an undisclosed security flaw, with attackers using compromised SSL VPN connections for initial access. Akira ransomware has extorted over $42 million from 250+ victims, employing tactics like routing authen...
-
TP-Link Router Security Flaw Requires Immediate Patch
A critical security vulnerability (CVE-2025-15517) in several TP-Link Archer NX router models allows unauthenticated attackers to bypass login and take full control, requiring immediate firmware updates. TP-Link also patched additional flaws, including a hardcoded cryptographic key and command in...
-
Patch Critical Cisco Flaw by Sunday, CISA Orders
Federal agencies must patch a critical vulnerability (CVE-2026-20131) in Cisco's firewall management software by March 22, as it allows unauthenticated attackers to execute arbitrary code with root privileges. The flaw is being actively exploited by the Interlock ransomware gang, which has used i...
-
Cisco Patches 48 Firewall Flaws, Warns of Active SD-WAN Attacks
Cisco has issued critical patches for two actively exploited vulnerabilities in its Catalyst SD-WAN Manager, which could allow attackers to gain elevated system privileges. The company also fixed 48 flaws in its firewall products, including two maximum-severity issues: an authentication bypass an...
-
Clop Ransomware Claims Massive 3.5M University of Phoenix Breach
A data breach at the University of Phoenix compromised approximately 3.5 million people, with attackers stealing highly sensitive personal and financial information, including Social Security and bank account numbers. The breach was part of a widespread campaign by the Clop ransomware gang, which...
-
Dartmouth College Hit by Clop Ransomware Data Breach
Dartmouth College experienced a data breach by the Clop ransomware group, which exploited a zero-day vulnerability in Oracle E-Business Suite to steal personal data, including names and Social Security numbers. The breach affected at least 1,494 individuals, with financial account details also co...
-
CISA Warns: BeyondTrust RCE Flaw Actively Exploited by Ransomware
A critical, unauthenticated remote code execution flaw (CVE-2026-1731) in BeyondTrust's remote support software is being actively exploited by ransomware groups, prompting urgent federal warnings. The vulnerability was a zero-day threat exploited before public disclosure, and its inclusion in CIS...
-
SonicWall Zero-Day Exploit Patched (CVE-2025-40602)
SonicWall has released a critical update for a new, actively exploited local privilege escalation flaw (CVE-2025-40602) in its SMA 1000 series appliances, urging immediate patching. This vulnerability is especially dangerous when chained with a previously patched flaw (CVE-2025-23006), allowing a...
-
SonicWall SMA Devices Still Infected with Stealthy OVERSTEP Malware
Cybersecurity experts discovered a malware campaign targeting outdated SonicWall SMA 100 devices, deploying the stealthy OVERSTEP backdoor via stolen admin credentials and potential vulnerabilities. The OVERSTEP malware hijacks system functions, steals sensitive data, and evades detection, with a...
-
CISA Mandates US Agencies Patch Critical Cisco Vulnerability
CISA has mandated federal agencies to patch a critical Cisco firewall management vulnerability (CVE-2026-20131) within three days, as ransomware groups are actively exploiting it. The flaw, with a maximum severity score, allows unauthenticated attackers to execute arbitrary code with root privile...
-
Baker University Data Breach Exposes 53,000 People in 2025
A data breach at Baker University compromised the sensitive personal information of over 53,000 individuals, including Social Security numbers, financial details, and medical records. The university discovered unauthorized network access in December 2024 and is offering credit monitoring, but has...
-
Urgent Oracle EBS Vulnerability Alert (CVE-2025-61884)
A critical security flaw, CVE-2025-61884, has been identified in Oracle's E-Business Suite, affecting versions 12.2.3 to 12.2.14 and potentially earlier versions like 12.1.3, allowing unauthenticated attackers to exploit it via HTTP. Exploitation of this vulnerability could result in unauthorized...