Tag: cve
-
New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login
SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution.The vulnerability, tracked as CVE-2025-42944, carries a CVSS score of 10.0. It has been described as a case of insecure deserialization.”Due to a deserialization vulnerability in…
-
New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login
SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution.The vulnerability, tracked as CVE-2025-42944, carries a CVSS score of 10.0. It has been described as a case of insecure deserialization.”Due to a deserialization vulnerability in…
-
New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login
SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution.The vulnerability, tracked as CVE-2025-42944, carries a CVSS score of 10.0. It has been described as a case of insecure deserialization.”Due to a deserialization vulnerability in…
-
Hackers Exploit Windows Remote Access Connection Manager 0-Day in Ongoing Attacks
Microsoft has confirmed active exploitation of a critical zero-day vulnerability affecting the Windows Remote Access Connection Manager, designated as CVE-2025-59230. The security flaw, disclosed on October 14, 2025, allows attackers with limited system access to escalate their privileges to the highest level, gaining complete control over compromised systems. Zero-Day Vulnerability Enables System-Level Access The vulnerability…
-
Hackers Exploit Windows Remote Access Connection Manager 0-Day in Ongoing Attacks
Microsoft has confirmed active exploitation of a critical zero-day vulnerability affecting the Windows Remote Access Connection Manager, designated as CVE-2025-59230. The security flaw, disclosed on October 14, 2025, allows attackers with limited system access to escalate their privileges to the highest level, gaining complete control over compromised systems. Zero-Day Vulnerability Enables System-Level Access The vulnerability…
-
Hackers Exploit Windows Remote Access Connection Manager 0-Day in Ongoing Attacks
Microsoft has confirmed active exploitation of a critical zero-day vulnerability affecting the Windows Remote Access Connection Manager, designated as CVE-2025-59230. The security flaw, disclosed on October 14, 2025, allows attackers with limited system access to escalate their privileges to the highest level, gaining complete control over compromised systems. Zero-Day Vulnerability Enables System-Level Access The vulnerability…
-
Microsoft Patch Tuesday for October 2025, Snort rules and prominent vulnerabilities
Microsoft has released its monthly security update for October 2025, addressing 175 Microsoft CVEs and 21 non-Microsoft CVEs. Among these, 17 vulnerabilities are considered critical and 11 are flagged as important and considered more likely to be exploited. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/microsoft-patch-tuesday-for-october-2025-snort-rules-and-prominent-vulnerabilities/
-
Sicherheitsprobleme: AI-Browser; Oracle 0-day; GoAnywhere; Ivanti; 7-Zip etc.
Warnung vor der Verwendung von AI-Browsern, die konzeptionelle Sicherheitsprobleme für Anwender mit sich bringen. Nutzer der Oracle Oracle E-Business Suite (EBS) werden seit Juli 2025 über eine erst am 4. Oktober 2025 gepatchte 0-day-Schwachstelle CVE-2025-61882 erfolgreich angegriffen. Eine GoAnywhere-Schwachstelle wird … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/10/14/sicherheitsluecken-7-zip/
-
Security firms dispute credit for overlapping CVE reports
FuzzingLabs has accused the YCombinator-backed startup, Gecko Security, of replicating its vulnerability disclosures. Gecko allegedly filed for 2 CVEs based on FuzzingLabs’ reports without crediting them. Gecko denies any wrongdoing, calling the allegations a misunderstanding over disclosure process. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/security-firms-dispute-credit-for-overlapping-cve-reports/
-
CVE-2025-61882: Imperva Customers Protected Against Critical Oracle EBS Zero-Day RCE
TL;DR: In early October 2025, Oracle released an emergency security alert addressing CVE-2025-61882, a high-severity unauthenticated remote code execution (RCE) vulnerability in the Concurrent Processing / BI Publisher Integration component of Oracle E-Business Suite (EBS) versions 12.2.3 through 12.2.14. Multiple threat actors (most prominently Cl0p and related groups) are already exploiting it in the wild……
-
Security firms debate CVE credit in overlapping vulnerability reports
FuzzingLabs has accused the YCombinator-backed startup, Gecko Security, of replicating its vulnerability disclosures. Gecko allegedly filed for 2 CVEs based on FuzzingLabs’ reports without crediting them. Gecko denies any wrongdoing, calling the allegations a misunderstanding over disclosure process. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/security-firms-debate-cve-credit-in-overlapping-vulnerability-reports/
-
PolarEdge C2 Communication via Custom Binary Protocol with Custom TLS Server
In early 2025, security researchers unveiled a sophisticated botnet implant named PolarEdge, which relies on a bespoke TLS server and a proprietary binary protocol to carry out unauthenticated command-and-control operations. PolarEdge first emerged in January 2025 when honeypots monitoring Cisco routers captured suspicious traffic exploiting CVE-2023-20118. Attackers used a crafted HTTP request with the User-Agent…
-
PolarEdge C2 Communication via Custom Binary Protocol with Custom TLS Server
In early 2025, security researchers unveiled a sophisticated botnet implant named PolarEdge, which relies on a bespoke TLS server and a proprietary binary protocol to carry out unauthenticated command-and-control operations. PolarEdge first emerged in January 2025 when honeypots monitoring Cisco routers captured suspicious traffic exploiting CVE-2023-20118. Attackers used a crafted HTTP request with the User-Agent…
-
Happy DOM Security Flaw (CVE-2025-61927) Enables VM Context Escape and Remote Code Execution
A critical security flaw has been identified in Happy DOM, a widely used JavaScript library primarily employed for server-side rendering and testing frameworks. The vulnerability, cataloged as CVE-2025-61927, allows attackers to escape the library’s virtual machine (VM) context, leading to potential remote code execution on vulnerable systems. This flaw threatens millions of applications that depend…
-
Oracle issues second emergency patch for E-Business Suite in two weeks
Tags: attack, business, cve, cybersecurity, data, exploit, google, governance, group, identity, infrastructure, intelligence, kev, least-privilege, malicious, mandiant, monitoring, network, oracle, strategy, threat, update, vulnerability, zero-trustImmediate actions for CVE-2025-61884: Oracle has provided patches for CVE-2025-61884 for all affected versions covered under Premier Support or Extended Support. However, security experts warned that patching alone may not be sufficient. The lessons from the recent CVE-2025-61882 attacks show that organizations need to hunt for signs of prior compromise even after applying fixes.In a…
-
Oracle issued an emergency security update to fix new E-Business Suite flaw CVE-2025-61884
Oracle issued an emergency security update to address a new E-Business Suite (EBS) vulnerability tracked as CVE-2025-61884. Oracle released an emergency patch to address an information disclosure flaw, tracked as CVE-2025-61884 (CVSS Score of 7.5), in E-Business Suite’s Runtime UI component (versions 12.2.312.2.14). >>Oracle has just released Security Alert CVE-2025-61884. This vulnerability affects some deployments of Oracle E-Business…
-
Oracle issued an emergency security update to fix new E-Business Suite flaw CVE-2025-61884
Oracle issued an emergency security update to address a new E-Business Suite (EBS) vulnerability tracked as CVE-2025-61884. Oracle released an emergency patch to address an information disclosure flaw, tracked as CVE-2025-61884 (CVSS Score of 7.5), in E-Business Suite’s Runtime UI component (versions 12.2.312.2.14). >>Oracle has just released Security Alert CVE-2025-61884. This vulnerability affects some deployments of Oracle E-Business…
-
Elastic Cloud Enterprise Flaw Lets Attackers Run Malicious Commands
Elastic has released a critical security update for Elastic Cloud Enterprise (ECE) addressing a template engine injection flaw that could allow attackers with admin privileges to execute arbitrary commands and exfiltrate sensitive data. Tracked as CVE-2025-37729 and rated CVSS 9.1 (Critical), the issue affects ECE versions 2.5.0 through 3.8.1 and 4.0.0 through 4.0.1. Users are…
-
Elastic Cloud Enterprise Flaw Lets Attackers Run Malicious Commands
Elastic has released a critical security update for Elastic Cloud Enterprise (ECE) addressing a template engine injection flaw that could allow attackers with admin privileges to execute arbitrary commands and exfiltrate sensitive data. Tracked as CVE-2025-37729 and rated CVSS 9.1 (Critical), the issue affects ECE versions 2.5.0 through 3.8.1 and 4.0.0 through 4.0.1. Users are…
-
Elastic Cloud Enterprise Flaw Lets Attackers Run Malicious Commands
Elastic has released a critical security update for Elastic Cloud Enterprise (ECE) addressing a template engine injection flaw that could allow attackers with admin privileges to execute arbitrary commands and exfiltrate sensitive data. Tracked as CVE-2025-37729 and rated CVSS 9.1 (Critical), the issue affects ECE versions 2.5.0 through 3.8.1 and 4.0.0 through 4.0.1. Users are…
-
Gladinet file sharing zero-day brings patched flaw back from the dead
What to do: All versions of CentreStack and Triofox file sharing servers up to and including 16.7.10368.56560 are vulnerable to CVE-2025-11371.The bad news is that Gladinet has yet to issue a patch for this, which means that for the time being the best customers can do is to apply the recommended mitigation.Luckily, according to Huntress,…
-
Hidden Cost of MFT Vulnerabilities: Why CVE-2025-10035 Demands a New Security Playbook
When Fortra disclosed CVE-2025-10035 in GoAnywhere MFT last month, many security teams likely experienced a familiar sinking feeling. Another critical vulnerability. Another emergency patch cycle. Another race against ransomware operators. But this latest maximum-severity flaw reveals something more troubling than a single vendor’s coding error. It exposes the fundamental fragility of how organisations handle their…
-
âš¡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More
Every week, the cyber world reminds us that silence doesn’t mean safety. Attacks often begin quietly, one unpatched flaw, one overlooked credential, one backup left unencrypted. By the time alarms sound, the damage is done.This week’s edition looks at how attackers are changing the game, linking different flaws, working together across borders, and even turning…
-
âš¡ Weekly Recap: WhatsApp Worm, Critical CVEs, Oracle 0-Day, Ransomware Cartel & More
Every week, the cyber world reminds us that silence doesn’t mean safety. Attacks often begin quietly, one unpatched flaw, one overlooked credential, one backup left unencrypted. By the time alarms sound, the damage is done.This week’s edition looks at how attackers are changing the game, linking different flaws, working together across borders, and even turning…
-
Google, Mandiant expose malware and zero-day behind Oracle EBS extortion
Google and Mandiant link Oracle EBS extortion emails to known July-patched flaws and a likely zero-day, CVE-2025-61882. Google Threat Intelligence and Mandiant analyzed the Oracle E-Business Suite extortion campaign, revealing the use of malware. Attackers exploited July-patched EBS flaws and likely a zero-day (CVE-2025-61882), sending extortion emails to company executives. In early October, Google Mandiant…
-
Security Affairs newsletter Round 545 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. CVE-2025-11371: Unpatched zero-day in Gladinet CentreStack, Triofox under attack Cybercrime ring GXC Team dismantled in Spain,…
-
Security Affairs newsletter Round 545 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. CVE-2025-11371: Unpatched zero-day in Gladinet CentreStack, Triofox under attack Cybercrime ring GXC Team dismantled in Spain,…