Tag: cve
-
Attackers target Zyxel RCE vulnerability CVE-2023-28771
GreyNoise researchers have observed exploit attempts targeting the remote code execution vulnerability CVE-2023-28771 in Zyxel devices. On June 16, GreyNoise researchers detected exploit attempts targeting CVE-2023-28771 (CVSS score 9.8), a remote code execution flaw impacting Zyxel IKE decoders over UDP port 500. Exploitation attempts against CVE-2023-28771 were minimal throughout recent weeks. On June 16, GreyNoise observed…
-
ASUS Armoury Crate Vulnerability Lets Hackers Gain System-Level Access on Windows
A critical vulnerability in ASUS’s popular Armoury Crate software has exposed millions of Windows users to the risk of system-level compromise, according to a recent disclosure by Cisco Talos and confirmed by ASUS. The flaw, tracked as CVE-2025-3464, allows attackers to bypass security controls and gain the highest level of privileges on affected systems, potentially…
-
Critical sslh Vulnerabilities Allow Remote Denial-of-Service Attacks
Security researchers disclosed two critical vulnerabilities in sslh, a widely used protocol multiplexer that enables multiple services, such as SSH, HTTPS, and OpenVPN, to share a single network port. These flaws, tracked as CVE-2025-46807 and CVE-2025-46806, could allow remote attackers to crash sslh or render it unavailable, resulting in a denial-of-service (DoS) for legitimate users.…
-
TP-Link Router Flaw CVE-2023-33538 Under Active Exploit, CISA Issues Immediate Alert
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, injection, kev, router, vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw in TP-Link wireless routers to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2023-33538 (CVSS score: 8.8), a command injection bug that could result in the execution of arbitrary system commands when…
-
Hackers Exploiting Chrome Zero-Day Vulnerability in the Wild
A newly discovered zero-day vulnerability in Google Chrome, tracked as CVE-2025-2783, is being actively exploited by hackers in sophisticated cyber-espionage campaigns. Security researchers have observed a surge in targeted attacks leveraging this flaw, with attribution pointing to the advanced persistent threat (APT) group Team46, also known as TaxOff. The Attack Campaign The first signs of…
-
CISA Alerts: iOS Zero-Click Flaw Actively Exploited
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert following the discovery and active exploitation of a critical zero-click vulnerability in Apple’s ecosystem, tracked as CVE-2025-43200. This flaw, now patched, enabled attackers to compromise iOS, iPadOS, macOS, watchOS, and visionOS devices without any user interaction, raising alarms across the cybersecurity and…
-
Cross-Site Scripting (XSS) Vulnerability CVE-2025-4123 in Grafana
A cross-site scripting (XSS) vulnerability, CVE-2025-4123, was recently made public in the open-source software Grafana. It is a critical open redirect flaw in Grafana that could lead to account takeover. Updating is called for, but thousands of Grafana instances are reachable over the Internet. Grafana … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/06/17/cross-site-scripting-xss-schwachstelle-cve-2025-4123-in-grafana/
-
Hackers Weaponize Langflow Vulnerability to Launch Flodrix Botnet
Tags: ai, botnet, cve, cvss, cyber, cybercrime, exploit, flaw, framework, hacker, remote-code-execution, vulnerability
A critical security flaw in Langflow, a widely adopted Python-based AI prototyping framework, is being actively exploited by cybercriminals to deploy the rapidly evolving Flodrix botnet. Security researchers have confirmed that attackers are exploiting CVE-2025-3248, a remote code execution (RCE) vulnerability rated 9.8 on the CVSS scale, to compromise unpatched Langflow servers and enlist them…
-
Zyxel Devices Under Attack as Hackers Exploit UDP Port RCE Flaw
Tags: attack, control, cve, cyber, cyberattack, exploit, firewall, flaw, hacker, Internet, rce, remote-code-execution, vpn, vulnerability, zyxel
A sudden and highly coordinated wave of cyberattacks has struck Zyxel firewall and VPN devices worldwide, as hackers exploit a critical remote code execution (RCE) vulnerability tracked as CVE-2023-28771. The attacks, observed on June 16, 2025, leveraged UDP port 500, the Internet Key Exchange (IKE) packet decoder, to remotely inject system commands and potentially seize…
-
Accelerating Vulnerability Remediation with Artificial Intelligence and Runtime Context
In the cloud, seconds count. Attackers often need less than ten minutes to exploit vulnerabilities, yet remediation takes weeks or even months at many companies. One reason: security teams struggle with unwieldy CVE lists, a lack of context and limited resources. With the new update to its vulnerability management solution, Sysdig brings AI-assisted, context-based remediation directly into work processes for the first time […]…
-
IBM Backup Services Flaw Allows Hackers to Gain Elevated Access
A critical security vulnerability has been identified in IBM’s Backup, Recovery, and Media Services (BRMS) for IBM i, potentially exposing enterprise environments to privilege escalation attacks. The flaw, tracked as CVE-2025-33108, affects versions 7.4 and 7.5 of the BRMS software, which are widely used for automating backup and recovery operations on IBM i systems. Nature…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 49
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape: Supply chain attack hits Gluestack NPM packages with 960K weekly downloads; Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721; Destructive npm Packages Disguised as Utilities Enable Remote System Wipe; AMOS Variant Distributed…
-
Microsoft Patches 67 Security Flaws, Including CVE-2025-33053
Microsoft has released a sweeping security update addressing 67 vulnerabilities across its software ecosystem. This includes a critical zero-day vulnerability in Web Distributed Authoring and Versioning (WebDAV) that is currently being exploited in real-world attacks. Breakdown of June 2025 Patch… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/microsoft-patches-webdav-zero-day-cve-2025-33053/
-
Palo Alto Networks fixed multiple privilege escalation flaws
Palo Alto Networks addressed multiple vulnerabilities and included the latest Chrome patches in its solutions. Palo Alto Networks fixed seven privilege escalation vulnerabilities and integrated the latest Chrome security patches into its products. Palo Alto applied 11 Chrome fixes and patched CVE-2025-4233, a cache vulnerability impacting the Prisma Access Browser. The most severe vulnerability, tracked…
-
‘Dangerous’ vulnerability in GitLab Ultimate Enterprise Edition
Tags: access, ai, attack, authentication, best-practice, ceo, communications, control, cve, cvss, data, flaw, github, gitlab, incident response, injection, malicious, mfa, password, risk, service, vulnerability
CVE-2025-2254, a cross-site scripting issue, which, under certain conditions, could allow an attacker to act like a legitimate user by injecting a malicious script into the snippet viewer. All GitLab CE/EE versions from 17.9 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2 are impacted; CVE-2025-0673, a vulnerability that can cause a denial of service by triggering…
-
Apple confirmed that Messages app flaw was actively exploited in the wild
Apple confirmed that a security flaw in its Messages app was actively exploited in the wild to target journalists with Paragon’s Graphite spyware. Apple confirmed that a now-patched vulnerability, tracked as CVE-2025-43200, in its Messages app was actively exploited in the wild to target journalists with Paragon’s Graphite spyware. The IT giant addressed the flaw…
-
Unpatched Holes Enable Takeover of GitLab Accounts
Tags: access, authentication, best-practice, bug, ceo, ciso, cve, cvss, cyberattack, dos, github, gitlab, incident response, injection, jobs, mfa, password, risk, sans, service, software, update, vulnerability
Experts warn of a new bug in GitLab. A new security vulnerability in GitLab's Ultimate Enterprise Edition is "dangerous", according to one expert, and must be patched quickly. The vulnerability, designated CVE-2025-5121, is one of ten that GitLab described on Wednesday when it released bug fixes and security updates for self-managed installations. "We strongly recommend that all…
-
PoC Exploit Unveiled for Windows Disk Cleanup Elevation Vulnerability
Microsoft addressed a high-severity elevation of privilege vulnerability (CVE-2025-21420) in its Windows Disk Cleanup Utility (cleanmgr.exe) during February 2025’s Patch Tuesday. The flaw, scoring 7.8 on the CVSS scale, enabled attackers to execute malicious code with SYSTEM privileges through DLL sideloading and a directory traversal technique. Technical Analysis of CVE-2025-21420 The vulnerability stems from cleanmgr.exe’s…
-
WebDAV Remote Code Execution 0-Day Actively Exploited, PoC Released
A critical zero-day vulnerability in Microsoft’s Web Distributed Authoring and Versioning (WebDAV) protocol, tracked as CVE-2025-33053, has been actively exploited by the advanced persistent threat (APT) group Stealth Falcon since March 2025. The flaw, patched in June’s Patch Tuesday, enables remote code execution (RCE) via manipulated .url shortcut files and has been linked to attacks…
-
Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware
Apple has disclosed that a now-patched security flaw present in its Messages app was actively exploited in the wild to target civil society members in sophisticated cyber attacks. The vulnerability, tracked as CVE-2025-43200, was addressed on February 10, 2025, as part of iOS 18.3.1, iPadOS 18.3.1, iPadOS 17.7.5, macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS Ventura…
-
Improving Java Container Security with Chainguard and Azul
Chainguard provides hardened, zero-CVE container images (Chainguard Containers) that enable companies to achieve speed, security and scalability. Now, through a strategic partnership between Azul and Chainguard, Chainguard will build from source Java container images that incorporate Azul’s commercially supported build of OpenJDK that’s part of Azul Platform Core. This integration enables enterprises to continue to…
-
OpenPGP.js Vulnerability Allows Attackers to Bypass Message Signature Verification
A critical vulnerability in OpenPGP.js, a widely used JavaScript library for encrypted messaging and digital signatures, has been patched after researchers discovered it allowed attackers to spoof message signatures, potentially undermining the trust model of public key cryptography. The flaw, tracked as CVE-2025-47934, was uncovered by security researchers Edoardo Geraci and Thomas Rinsma of Codean…
-
Unpatched holes could allow takeover of GitLab accounts
Tags: access, attack, authentication, best-practice, ceo, communications, control, cve, cvss, data, github, gitlab, incident response, malicious, mfa, password, risk, service, vulnerability
CVE-2025-2254, a cross-site scripting issue, which, under certain conditions, could allow an attacker to act like a legitimate user by injecting a malicious script into the snippet viewer. All GitLab CE/EE versions from 17.9 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2 are impacted; CVE-2025-0673, a vulnerability that can cause a denial of service by triggering…
-
Vulnerability Databases Face Accuracy and Access Gaps
VulnCheck’s Garrity on the Uncertainty of the CVE Ecosystem and EUVD’s Limitations. Funding shortages and incomplete coverage in critical vulnerability databases are increasing the risk for defenders. Patrick Garrity, security researcher at VulnCheck, discusses how data gaps and scoring confusion hinder response strategies for potential cyberattacks. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/vulnerability-databases-face-accuracy-access-gaps-a-28670
-
Salesforce tags 5 CVEs after SaaS security probe uncovers misconfig risks
The 16 other flagged issues are on customers, says CRM giant First seen on theregister.com Jump to article: www.theregister.com/2025/06/11/salesforce_cves_misconfigs/
-
Dems want watchdog study of two troubled federally-funded vulnerability tracking initiatives
The CVE program publishes standardized information about known cyber vulnerabilities, while the NVD is a storehouse for vulnerability management data. First seen on cyberscoop.com Jump to article: cyberscoop.com/gao-vulnerability-management-letter-cve-nvd-bennie-thompson-zoe-lofgren/
-
Insyde UEFI Application Vulnerability Enables Digital Certificate Injection Through NVRAM Variable
A critical vulnerability in Insyde H2O UEFI firmware (tracked as CVE-2025-XXXX) allows attackers to bypass Secure Boot protections by injecting malicious digital certificates via an unprotected NVRAM variable. This flaw exposes millions of devices to pre-boot malware and kernel-level rootkits that evade traditional security monitoring. How SecureFlashCertData Undermines Secure Boot The vulnerability centers on improper…
-
Patch Tuesday Update June 2025
In total, including third-party CVEs, in this Patch Tuesday edition, Microsoft published 69 CVEs, including 3 republished CVEs. Overall, Microsoft announced 2 Zero-Day, 10 Critical, and 57 Important vulnerabilities. From an Impact perspective, Remote Code Execution vulnerabilities accounted for 39%, followed by Information Disclosure at 25% and Escalation of Privilege at 20%. Patches for this…
-
Apache Kafka Arbitrary File Read and SSRF Vulnerability (CVE-2025-27817)
Overview: Recently, NSFOCUS CERT detected that Apache issued a security bulletin to fix the arbitrary file read and SSRF vulnerabilities in Apache Kafka (CVE-2025-27817). Because the Apache Kafka client does not strictly validate and restrict user input, an unauthenticated attacker can elevate the file system/environment/URL access rights of the REST API by constructing malicious configurations…The…

