Tag: cve
-
CrushFTP Servers Hit by Critical Zero-Day Vulnerability CVE-2025-54309
A new zero-day vulnerability in CrushFTP file transfer servers is being actively exploited by cybercriminals, compromising systems around the world. Tracked as CVE-2025-54309, the CrushFTP zero-day vulnerability was first observed in active exploitation on July 18, 2025. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/crushftp-zero-day-flaw-cve-2025-54309/
-
Livewire Flaw Puts Millions of Laravel Apps at Risk of RCE Attacks
A critical vulnerability discovered in Livewire, a popular full-stack framework for Laravel applications, exposes millions of web properties to unauthenticated remote command execution attacks. Tracked as CVE-2025-54068, the flaw resides in Livewire versions from 3.0.0-beta.1 up to 3.6.3 and stems from the way certain component property updates are hydrated, allowing an attacker to inject and…
-
CVE-2025-53770: Critical SharePoint Flaws Actively Exploited in the Wild
Microsoft has released emergency security updates to address a critical vulnerability in its on-premises SharePoint Server, warning that the flaw is currently being exploited in the wild. The tech company also disclosed a second, related vulnerability. CVE-2025-53770 Critical Flaw Enables… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2025-53770-sharepoint-flaws-exploited/
-
SharePoint-Notfall-Updates für 0-day Schwachstelle (CVE-2025-53770)
Seit dem 18. Juli 2025 werden weltweit SharePoint-Server über die zum 14. Juli 2025 gepatchten Schwachstellen CVE-2025-49704 und CVE-2025-49706 angegriffen. Aber es gibt eine weitere 0-day-Schwachstelle CVE-2025-53770 (eine Variante von CVE-2025-49706), die bisher ungepatcht war (CVSS 3.1 9.8), die auch … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/07/21/sharepoint-notfall-updates-fuer-0-day-schwachstelle-cve-2025-53770/
-
SharePoint zero-day CVE-2025-53770 actively exploited in the wild
Microsoft warns of ongoing active exploitation of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770. Microsoft warns of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770 (CVSS score of 9.8), which is under active exploitation. Unfortunately, the flaw has yet to be addressed. The vulnerability is a deserialization of untrusted data in on-premises Microsoft SharePoint Server, an…
-
CISA Issues Alert on Microsoft SharePoint 0-Day RCE Exploited in Attacks
Tags: attack, cisa, cve, cyber, cybersecurity, data, exploit, flaw, infrastructure, microsoft, rce, remote-code-execution, threat, vulnerability, zero-dayThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent security alert regarding a critical zero-day vulnerability in Microsoft SharePoint Server that is being actively exploited in cyberattacks. The vulnerability, tracked as CVE-2025-53770, represents a significant threat to organizations running on-premises SharePoint installations. The flaw stems from a deserialization of untrusted data vulnerability within…
-
7-Zip Vulnerability Lets Malicious RAR5 Files Crash Systems
A critical denial-of-service vulnerability has been discovered in 7-Zip that allows attackers to crash systems using specially crafted RAR5 archive files. The vulnerability, tracked as CVE-2025-53816, affects the popular compression software’s RAR5 decoder and can lead to memory corruption and system crashes when processing malicious archives. Technical Details of the Vulnerability Security researcher Jaroslav LobaÄevski…
-
Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks
Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in “ToolShell” attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-releases-emergency-patches-for-sharepoint-rce-flaws-exploited-in-attacks/
-
CrushFTP 0-Day Vulnerability Actively Exploited to Breach Servers
A critical zero-day vulnerability in CrushFTP servers is being actively exploited by threat actors to compromise systems worldwide. The vulnerability, designated CVE-2025-54309, was first observed in active exploitation on July 18th at 9:00 AM CST, though security researchers believe the attacks may have been ongoing for longer periods before detection. Vulnerability Details and Attack Vector…
-
Hard-Coded Credentials Found in HPE Instant On Devices Allow Admin Access
Hewlett-Packard Enterprise (HPE) has released security updates to address a critical security flaw affecting Instant On Access Points that could allow an attacker to bypass authentication and gain administrative access to susceptible systems.The vulnerability, tracked as CVE-2025-37103, carries a CVSS score of 9.8 out of a maximum of 10.0.”Hard-coded login credentials were found in HPE…
-
Microsoft SharePoint zero-day exploited in RCE attacks, no patch available
A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770, has been actively exploited since at least July 18th, with no patch available and at least 85 servers already compromised worldwide. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-sharepoint-zero-day-exploited-in-rce-attacks-no-patch-available/
-
U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Fortinet FortiWeb flaw, tracked as CVE-2025-25257, to its Known Exploited Vulnerabilities (KEV) catalog. Hackers began exploiting the critical Fortinet FortiWeb flaw CVE-2025-25257 (CVSS score of 9.6) on the same day a proof-of-concept (PoC) exploit…
-
Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Company Servers
A critical security vulnerability in Microsoft SharePoint Server has been weaponized as part of an “active, large-scale” exploitation campaign.The zero-day flaw, tracked as CVE-2025-53770 (CVSS score: 9.8), has been described as a variant of CVE-2025-49706 (CVSS score: 6.3), a spoofing bug in Microsoft SharePoint Server that was addressed by the tech giant as part of…
-
Security Affairs newsletter Round 533 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Fortinet FortiWeb flaw CVE-2025-25257 exploited hours after PoC release Authorities released free decryptor for Phobos and…
-
Critical Unpatched SharePoint Zero-Day Actively Exploited, Breaches 75+ Global Organizations
A critical security vulnerability in Microsoft SharePoint Server has been weaponized as part of an “active, large-scale” exploitation campaign.The zero-day flaw, tracked as CVE-2025-53770 (CVSS score: 9.8), has been described as a variant of CVE-2025-49706 (CVSS score: 6.3), a spoofing bug in Microsoft SharePoint Server that was addressed by the tech giant as part of…
-
Hackers Exploit Critical CrushFTP Flaw to Gain Admin Access on Unpatched Servers
A newly disclosed critical security flaw in CrushFTP has come under active exploitation in the wild. Assigned the CVE identifier CVE-2025-54309, the vulnerability carries a CVSS score of 9.0.”CrushFTP 10 before 10.8.5 and 11 before 11.3.4_23, when the DMZ proxy feature is not used, mishandles AS2 validation and consequently allows remote attackers to obtain admin…
-
Fortinet FortiWeb flaw CVE-2025-25257 exploited hours after PoC release
Hackers exploited a Fortinet FortiWeb flaw the same day a PoC was published, compromising dozens of systems. Hackers began exploiting a critical Fortinet FortiWeb flaw, tracked as CVE-2025-25257 (CVSS score of 9.6), on the same day a proof-of-concept (PoC) exploit was published, leading to dozens of compromised systems. Exploitation of Fortinet’s CVE-2025-25257 began on July…
-
CrushFTP mit 0-Day-Schwachstelle CVE-2025-54309
Jemand aus der Blog-Leserschaft, der das Programm CrushFTP zum Dateitransfer verwendet? Inzwischen haben sich mehrere Leser gemeldet (danke dafür), dass es Meldungen über eine 0-Day-Schwachstelle (CVE-2025-54309) gibt, die wohl auch schon ausgenutzt wird. Was ist CrushFTP? CrushFTP ist ein ursprünglich 1999 … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/07/19/crushftp-mit-0-day-schwachstelle-cve-2025-54309/
-
New CrushFTP zero-day exploited in attacks to hijack servers
CrushFTP is warning that threat actors are actively exploiting a zero-day vulnerability tracked as CVE-2025-54309, which allows attackers to gain administrative access via the web interface on vulnerable servers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-crushftp-zero-day-exploited-in-attacks-to-hijack-servers/
-
CrushFTP zero-day exploited in attacks to gain admin access on servers
CrushFTP is warning that threat actors are actively exploiting a zero-day vulnerability tracked as CVE-2025-54309, which allows attackers to gain administrative access via the web interface on vulnerable servers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/crushftp-zero-day-exploited-in-attacks-to-gain-admin-access-on-servers/
-
CrushFTP zero-day exploited to gain admin access on servers
CrushFTP is warning that threat actors are actively exploiting a zero-day vulnerability tracked as CVE-2025-54309, which allows attackers to gain administrative access via the web interface on vulnerable servers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/crushftp-zero-day-exploited-to-gain-admin-access-on-servers/
-
Ivanti Zero-Days Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks
Cybersecurity researchers have disclosed details of a new malware called MDifyLoader that has been observed in conjunction with cyber attacks exploiting security flaws in Ivanti Connect Secure (ICS) appliances.According to a report published by JPCERT/CC today, the threat actors behind the exploitation of CVE-2025-0282 and CVE-2025-22457 in intrusions observed between December 2024 and July First…
-
Hackers scanning for TeleMessage Signal clone flaw exposing passwords
Researchers are seeing exploitation attempts for the CVE-2025-48927 vulnerability in the TeleMessage SGNL app, which allows retrieving usernames, passwords, and other sensitive data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-scanning-for-telemessage-signal-clone-flaw-exposing-passwords/
-
Sophos Intercept X for Windows Flaws Enable Arbitrary Code Execution
Sophos has disclosed three critical security vulnerabilities in its Intercept X for Windows endpoint security solution that could allow attackers to execute arbitrary code and gain system-level privileges on affected systems. The vulnerabilities, designated CVE-2024-13972, CVE-2025-7433, and CVE-2025-7472, all carry high severity ratings and affect different components of the security software including the updater, Device…
-
Grafana Flaws Allow User Redirection and Code Execution in Dashboards
Grafana Labs has released critical security patches addressing two significant vulnerabilities that could enable attackers to redirect users to malicious websites and execute arbitrary code within dashboard environments. The security update addresses CVE-2025-6023, a high-severity cross-site scripting (XSS) vulnerability, and CVE-2025-6197, a medium-severity open redirect flaw, both discovered through the company’s bug bounty program. Critical…
-
Ubiquiti UniFi Vulnerability Lets Hackers Inject Malicious Commands
A critical security vulnerability has been discovered in Ubiquiti’s UniFi Access devices that could allow malicious actors to inject and execute arbitrary commands on affected systems. The vulnerability, designated as CVE-2025-27212, affects multiple UniFi Access products and carries a maximum CVSS score of 9.8, indicating its severe nature and potential for widespread exploitation. Vulnerability Details…
-
Threat Actors Exploit Ivanti Connect Secure Flaws to Deploy Cobalt Strike Beacon
Threat actors have been actively exploiting vulnerabilities in Ivanti Connect Secure, specifically CVE-2025-0282 and CVE-2025-22457, to deploy advanced malware including MDifyLoader and Cobalt Strike Beacon. These attacks, observed from December 2024 through July 2025, build on prior incidents involving SPAWNCHIMERA and DslogdRAT, demonstrating persistent targeting of VPN appliances. Attackers leverage these flaws for initial access,…
-
Critical NVIDIA Container Toolkit Flaw Allows Privilege Escalation on AI Cloud Services
Cybersecurity researchers have disclosed a critical container escape vulnerability in the NVIDIA Container Toolkit that could pose a severe threat to managed AI cloud services.The vulnerability, tracked as CVE-2025-23266, carries a CVSS score of 9.0 out of 10.0. It has been codenamed NVIDIAScape by Google-owned cloud security company Wiz.”NVIDIA Container Toolkit for all platforms contains…
-
Lenovo Protection Driver Flaw Enables Privilege Escalation and Code Execution
A critical security vulnerability has been discovered in Lenovo’s protection driver software, affecting millions of users across desktop and laptop systems. The flaw, identified as CVE-2025-4657, allows local attackers with elevated privileges to execute arbitrary code through a buffer overflow exploit, posing significant security risks to enterprise and consumer environments. Vulnerability Details and Impact The…
-
Signal App Clone Telemessage App Vulnerability Actively Exploited for Password Theft
A critical vulnerability in TeleMessageTM SGNL, an enterprise messaging platform modeled after Signal, is being actively exploited by threat actors to steal passwords and sensitive data from government agencies and enterprises. The flaw, tracked as CVE-2025-48927, was added to CISA’s Known Exploited Vulnerabilities catalog on July 14th, indicating widespread exploitation in the wild. Vulnerability Details…