Tag: cve
-
Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day
One CVE was used against “a small number of targets.” Windows 10 users needed to wait a little bit for their patches. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-patch-tuesday-april-2025/
-
CrushFTP Exploitation Continues Amid Disclosure Dispute
Attacks on a critical authentication bypass flaw in CrushFTP’s file transfer product continue this week after duplicate CVEs sparked confusion. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/crushftp-exploitation-disclosure-dispute
-
Windows CLFS Vulnerability Could Lead to ‘Widespread Deployment and Detonation of Ransomware’
Microsoft warns CVE-2025-29824 lets attackers with user access escalate privileges to deploy ransomware via a flaw in Windows CLFS. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-windows-common-log-file-system-vulnerability/
-
Critical Fortinet FortiSwitch flaw allows remote attackers to change admin passwords
Fortinet addressed a critical vulnerability in its FortiSwitch devices that can be exploited to change administrator passwords remotely. Fortinet has released security updates to address a critical vulnerability, tracked as CVE-2024-48887 (CVSS score 9.8), in its FortiSwitch devices. A remote attacker can exploit the vulnerability to change administrator passwords. >>An unverified password change vulnerability [CWE-620]…
-
Patch Tuesday Update April 2025
In total, including third-party CVEs, in this Patch Tuesday edition, Microsoft published 134 CVEs, including 9 republished CVEs. Overall, Microsoft announced one Zero-Day, 11 Critical, and 113 Important vulnerabilities. From an Impact perspective, Escalation of Privilege (EoP) vulnerabilities accounted for 39%, followed by Remote Code Execution (RCE) at 28% and Information Disclosure (ID) at 13%….…
-
Microsoft Warns of Ransomware Attacks Exploiting CVE-2025-29824 Zero-Day
On April 8, 2025, Microsoft released its monthly security updates, addressing a total of 121 vulnerabilities across various products. Among these, CVE-2025-29824, a zero-day vulnerability in the Windows Common Log File System (CLFS) Driver, has been actively exploited in ransomware… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2025-29824-zero-day-ransomware-attacks/
-
WK Kellogg informiert über Datendiebstahl
Der für seine Cornflakes bekannte Lebensmittelkonzern WK Kellogg wurde um Daten beraubt.WK Kellogg, bekannt für seine Frühstücksprodukte wie Cornflakes und Frosties, teilte kürzlich mit, dass bei einem Angriff im Jahr 2024 Unternehmensdaten gestohlen wurden. In einer Mitteilung an die zuständigen Behörden heißt es, dass zu den offengelegten Daten auch Namen und Sozialversicherungsnummern gehören. Nach eigenen…
-
U.S. CISA adds Gladinet CentreStack and ZTA Microsoft Windows Common Log File System (CLFS) Driver flaws to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, microsoft, vulnerability, windowsU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Gladinet CentreStack and ZTA Microsoft Windows Common Log File System (CLFS) Driver flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Gladinet CentreStack and ZTA Microsoft Windows Common Log File System (CLFS) Driver flaws, respectively tracked as CVE-2025-30406 and CVE-2025-29824, to its…
-
NIST Deprioritizes Pre-2018 CVEs as Backlog Struggles Continue
NIST, which for more than a year has been struggling to address a backlog of CVEs in its database following budget cuts, is now putting pre-2018 vulnerabilities on the back burner to give itself more time to address the rapidly growing number of new software security flaws. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/nist-deprioritizes-pre-2018-cves-as-backlog-struggles-continue/
-
Unicorn Bug: Erster Angriff in freier Wildbahn
Vor kurzem hat Microsoft ein Patch für eine kritische Schwachstelle veröffentlicht, die im Internet Explorer (IE) eine Remote-Code-Execution ermöglicht. Die Schwachstelle, bekannt als Unicorn Bug CVE-2014-6332, wurde bereits im Mai dieses Jahres von einem Forscher des IBM X-Force Security Teams entdeckt. First seen on welivesecurity.com Jump to article: www.welivesecurity.com/deutsch/2014/11/25/unicorn-bug-erster-angriff-freier-wildbahn/
-
Over 5K Ivanti VPNs vulnerable to critical bug under attack
China-linked threat actors last month began exploiting CVE-2025-22457, a critical stack buffer-overflow flaw. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/5k-ivanti-vpns-vulnerable-critical-flaw-under-attack/744748/
-
Zoom Workplace Apps Vulnerability Enables Malicious Script Injection Through XSS Flaws
A newly disclosed vulnerability in Zoom Workplace Apps (tracked as CVE-2025-27441 and CVE-2025-27442) allows attackers to inject malicious scripts via cross-site scripting (XSS) flaws, posing risks to millions of users globally. The medium-severity vulnerability, with a CVSS score of 4.6, enables unauthenticated attackers on adjacent networks to compromise meeting integrity by executing arbitrary code. Zoom…
-
WhatsApp fixed a spoofing flaw that could enable Remote Code Execution
WhatsApp addressed a flaw, tracked as CVE-2025-30401, that could allow attackers to trick users and enable remote code execution. WhatsApp released a security update to address a vulnerability, tracked as CVE-2025-30401, that could let attackers trick users and enable remote code execution. The spoofing flaw impacts WhatsApp for Windows before version 2.2450.6. An attacker could…
-
NIST Defers Pre-2018 CVEs to Tackle Growing Vulnerability Backlog
NIST marks CVEs pre-2018 as “Deferred” in the NVD as agency focus shifts to managing emerging threats First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/nist-defers-pre-2018-cves/
-
WhatsApp Vulnerability Could Facilitate Remote Code Execution
An update for the WhatsApp desktop app for Windows patches CVE-2025-30401, a spoofing vulnerability that could be used to trick users. The post WhatsApp Vulnerability Could Facilitate Remote Code Execution appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/whatsapp-vulnerability-could-facilitate-remote-code-execution/
-
Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk
More than 5,000 Ivanti Connect Secure appliances are vulnerable to attacks exploiting CVE-2025-22457, which has been used by Chinese hackers. The post Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/exploited-vulnerability-puts-5000-ivanti-vpn-appliances-at-risk/
-
NIST Declares Pre-2018 CVEs Will Be Labeled as ‘Deferred’
The National Institute of Standards and Technology (NIST) has announced that all Common Vulnerabilities and Exposures (CVEs) with a publication date before January 1, 2018, will now be marked with a >>Deferred
-
CISA Warns of CrushFTP Vulnerability Exploitation in the Wild
The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-31161 to its Known Exploited Vulnerabilities (KEV) catalog First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/crushftp-vulnerability-cisa-kev/
-
CISA Warns of CrushFTP Exploit Letting Attackers Bypass Authentication
The Cybersecurity and Infrastructure Security Agency (CISA) has recently added a new vulnerability to its Known Exploited Vulnerabilities Catalog. The vulnerability, identified as CVE-2025-31161, is an Authentication Bypass Vulnerability in CrushFTP, a widely used FTP server software. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cisa-adds-cve-2025-31161-to-kev-catalog/
-
Google fixed two actively exploited Android zero-days
Google addressed 62 vulnerabilities with the release of Android ‘s April 2025 security update, including two actively exploited zero-days. Google released Android ‘s April 2025 security updates to address 62 vulnerabilities, including two zero-day vulnerabilities (CVE-2024-53197, CVE-2024-53150) exploited in targeted attacks. The vulnerability CVE-2024-53197 is a Linux kernel issue affecting ALSA USB audio. Malicious devices…
-
Warum 100 % Patches nicht das ultimative Ziel sind
Wenn es um Cybersicherheit geht, erscheint das Patchen von Schwachstellen oft wie der Heilige Gral. Wenn die CVEs (Common Vulnerabilities and Exposures, häufige Schwachstellen und Risiken in Computersystemen) gepatcht sind, ist man sicher, oder? Nun, nicht ganz. Leider ist Patchen nicht so einfach oder so effektiv wie Unternehmen glauben. Angesichts begrenzter Ressourcen, Geschäftsunterbrechungen… First seen…
-
WhatsApp for Windows Flaw Allowed Remote Code Execution via File Attachments
A critical vulnerability identified as CVE-2025-30401 was recently disclosed, highlighting a major security flaw in WhatsApp for Windows. This issue, which primarily affects desktop application versions prior to 2.2450.6, allowed attackers to exploit mismatched file metadata to execute arbitrary code on unsuspecting users’ systems. Technical Details of CVE-2025-30401 According to the Facebook blog, the vulnerability arises from…
-
PoC Exploit Reveals SSH Key Exposure via Yelp Vulnerability on Ubuntu
Security researchers have uncovered a critical vulnerability (CVE-2025-3155) in Ubuntu’s default help browser Yelp that could expose sensitive system files including SSH private keys. The flaw impacts Ubuntu desktop installations and stems from improper handling of XML content in GNOME’s help documentation system. Technical Breakdown of CVE-2025-3155 Affected Systems: Vulnerability Chain: Attack Scenario Walkthrough Key…
-
Google Releases Android Update to Patch Two Actively Exploited Vulnerabilities
Google has shipped patches for 62 vulnerabilities, two of which it said have been exploited in the wild.The two high-severity vulnerabilities are listed below -CVE-2024-53150 (CVSS score: 7.8) – An out-of-bounds flaw in the USB sub-component of Kernel that could result in information disclosureCVE-2024-53197 (CVSS score: 7.8) – A privilege escalation flaw in the USB…
-
CVE-2024-11859: ToddyCat Group Hides Malware in ESET’s Scanner to Bypass Security
Advanced Persistent Threat (APT) groups are constantly evolving their techniques to evade detection. Kaspersky Labs has recently uncovered a sophisticated method employed by the ToddyCat group: hiding their malicious activity within the context of legitimate security software. In early 2024, Kaspersky’s investigation into ToddyCat incidents revealed a suspicious file named >>version.dll
-
NIST to Implement ‘Deferred’ Status to Dated Vulnerabilities
The changes will go into effect over the next several days to reflect which CVEs are being prioritized in the National Vulnerability Database (NVD). First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/nist-deferred-status-dated-vulnerabilities
-
NIST marks all CVEs prior to Jan. 1, 2018, as ‘deferred’
First seen on scworld.com Jump to article: www.scworld.com/news/nist-marks-all-cves-prior-to-jan-1-2018-as-deferred