Tag: cve
-
U.S. CISA adds Apache Tomcat flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apache Tomcat flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Apache Tomcat path equivalence vulnerability, tracked as CVE-2025-24813, to its Known Exploited Vulnerabilities (KEV) catalog. The Apache Tomcat vulnerability CVE-2025-24813 was recently disclosed and is being actively exploited just 30…
-
Google fixes GCP flaw that could expose sensitive container images
run.services.update and iam.serviceAccounts.actAspermissions they could modify a Cloud Run service and deploy a new revision.”In doing so, they could specify (through malicious code injection) any private container image stored in a victim’s registries, Matan added.According to a Tenable statement to CSO, an attacker could use this vulnerability for data theft or espionage in a real-world…
-
Exploited: Critical Unauthenticated Access Vulnerability in CrushFTP (CVE-2025-2825)
In the ever-evolving landscape of web application vulnerabilities, a new critical flaw has emerged. CVE-2025-2825 is a high-severity vulnerability that allows attackers to bypass authentication on CrushFTP servers. This popular enterprise file transfer solution is often used in corporate environments to manage sensitive data, making this vulnerability particularly concerning. Attackers are actively exploiting this flaw……
-
20,000 WordPress Sites at Risk of File Upload Deletion Exploits
A critical security alert has been issued to WordPress site administrators following the discovery of two high-severity vulnerabilities in the >>WP Ultimate CSV Importer
-
An Improved Detection Signature for the Kubernetes IngressNightmare Vulnerability
Wiz recently published a detailed analysis of a critical vulnerability in the NGINX Ingress admission controller”, what they’ve dubbed IngressNightmare (CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24514). The vulnerability stems from insufficient input validation during configuration file processing, allowing an attacker to inject arbitrary code into the NGINX process. Wiz’s writeup is excellent and covers the technical nuances…
-
CISA Alerts on Active Exploitation of Apache Tomcat Vulnerability
Tags: apache, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, open-source, risk, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert regarding the active exploitation of CVE-2025-24813, a critical vulnerability within Apache Tomcat. This newly identified flaw poses a significant risk to organizations using affected versions of the popular open-source web server. CVE-2025-24813: Apache Tomcat Path Equivalence Vulnerability CVE-2025-24813, classified as a >>Path Equivalence…
-
Microsoft warns of critical flaw in Canon printer drivers
Microsoft’s offensive security team discovered a critical code execution vulnerability impacting Canon printer drivers. Researchers at Microsoft’s Offensive Research and Security Engineering (MORSE) team have discovered a critical code execution vulnerability, tracked as CVE-2025-1268 (CVSS score of 9.4), impacting Canon printer drivers. The vulnerability is an out-of-bounds issue that resides in certain printer drivers for…
-
Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825)
Exploitation attempts targeting the CVE-2025-2825 vulnerability on internet-facing CrushFTP instances are happening, the Shadowserver Foundation has shared on Monday, and the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/01/crushftp-vulnerability-exploitation-cve-2025-2825/
-
Top CVEs Vulnerabilities of March 2025
March 2025 was a high-alert month for cybersecurity teams. Critical CVEs surfaced across widely used technologies, some quiet, others loud, but all carrying real risk. These weren’t just routine disclosures…. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/top-cves-vulnerabilities-of-march-2025/
-
Altgeräte bedrohen Sicherheit in Unternehmen
Tags: access, apache, authentication, botnet, bug, cisco, cloud, cve, cyberattack, dns, endpoint, firewall, Hardware, intelligence, Internet, ivanti, lazarus, linux, macOS, network, open-source, password, radius, ransomware, risk, router, sans, service, software, supply-chain, threat, update, vulnerabilitySchwachstellen in alten Netzwerkgeräten stellen ein erhebliches Sicherheitsrisiko für Unternehmen dar.Eine Analyse von Ciscos Threat-Intelligence-Team Talos zeigt, zwei der drei häufigsten Schwachstellen, auf die es Angreifer im Jahr 2024 abgesehen hatten, waren in alten Netzwerkgeräten zu finden. Das Problem ist, dass Hersteller dazu keine Patches mehr herausgeben.’Dies unterstreicht, wie wichtig es ist, veraltete Komponenten des…
-
CrushFTP CVE-2025-2825 flaw actively exploited in the wild
Attackers exploit CrushFTP CVE-2025-2825 flaw, enabling unauthenticated access to unpatched devices using public proof-of-concept code. Threat actors are exploiting a critical authentication bypass vulnerability, tracked as CVE-2025-2825, in the CrushFTP file transfer software. Attackers are using exploits based on publicly available proof-of-concept exploit code. The vulnerability impacts CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0, it…
-
Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devices
Apple on Monday backported fixes for three vulnerabilities that have come under active exploitation in the wild to older models and previous versions of the operating systems.The vulnerabilities in question are listed below -CVE-2025-24085 (CVSS score: 7.3) – A use-after-free bug in the Core Media component that could permit a malicious application already installed on…
-
Warum Patches nicht das ultimative Ziel sind
Wenn es um Cybersicherheit geht, erscheint das Patchen von Schwachstellen oft wie der Heilige Gral. Wenn die CVEs (Common Vulnerabilities and Exposures, häufige Schwachstellen und Risiken in Computersystemen) gepatcht sind, ist man sicher, oder? Nun, nicht ganz. Leider ist Patchen nicht so einfach oder so effektiv wie Unternehmen glauben. Angesichts begrenzter Ressourcen, Geschäftsunterbrechungen […] First…
-
Kentico Xperience CMS XSS Vulnerability Allows Remote Code Execution
Kentico Xperience CMS, a widely used platform designed for enterprises and organizations, is under scrutiny after a vulnerability chain was discovered that exploits Cross-Site Scripting (XSS) to enable Remote Code Execution (RCE). This vulnerability was disclosed by researchers who demonstrated its potential harm through a detailed proof of concept. CVE-2025-2748: Cross-Site Scripting Vulnerability According to…
-
Apple Backports Critical Fixes for 3 Live Exploits Impacting iOS and macOS Legacy Devices
Apple on Monday backported fixes for three vulnerabilities that have come under active exploitation in the wild to older models and previous versions of the operating systems.The vulnerabilities in question are listed below -CVE-2025-24085 (CVSS score: 7.3) – A use-after-free bug in the Core Media component that could permit a malicious application already installed on…
-
CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability
Shadowserver has started seeing exploitation attempts aimed at a CrushFTP vulnerability tracked as CVE-2025-2825 and CVE-2025-31161. The post CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/hackers-attempting-to-exploit-crushftp-vulnerability/
-
Volume of attacks on network devices shows need to replace end of life devices quickly
Tags: access, apache, attack, authentication, best-practice, breach, cloud, control, credentials, cve, cyber, dns, endpoint, espionage, exploit, firewall, flaw, government, group, Hardware, infrastructure, injection, Internet, ivanti, lazarus, macOS, monitoring, network, north-korea, open-source, password, risk, router, russia, sans, service, software, threat, tool, update, vulnerabilityCVE-2023-1389, a vulnerability in TP-Link Archer AX21 router;CVE-2024-3400, a hole in Palo Alto Networks PAN-OS firewall operating system;CVE-2023-36845, a vulnerability in Juniper Networks Junos OS operating system;CVE-2021-44529, a vulnerability in Ivanti Endpoint Manager Cloud Service Appliance;CVE-2023-38035, a hole in Ivanti Sentry security gateway;CVE-2024-36401, a vulnerability in OSGeo GeoServer;CVE-2024-0012, a vulnerability in Palo Alto Neworks PAN-OS…
-
CVE-2025-26633: MSC EvilTwin Zero-Day Exploited by Water Gamayun
In early 2025, cybersecurity researchers uncovered a zero-day vulnerability in Microsoft’s Management Console (MMC), tracked as CVE-2025-26633 and nicknamed MSC EvilTwin. This critical flaw is being actively exploited by a threat group dubbed Water Gamayun and represents a dangerous vector… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2025-26633-eviltwin-exploit/
-
Canon CVE-2025-1268 Vulnerability: A Buffer Overflow Threatening Printer Security
Canon Marketing Japan Inc. and Canon Inc. have issued an important security update regarding a vulnerability in certain printer drivers. This Canon vulnerability, identified as CVE-2025-1268, affects a range of Canon printer models, including production printers, office multifunction devices, and small office multifunction devices. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/canon-printer-vulnerability-cve-2025-1268/
-
Privacy Roundup: Week 13 of Year 2025
Tags: access, ai, android, apple, application-security, breach, browser, cctv, chrome, cloud, cve, cybersecurity, data, detection, exploit, firmware, google, group, leak, linux, malware, microsoft, mobile, phishing, privacy, regulation, router, scam, service, software, technology, threat, tool, update, virus, vpn, vulnerability, zero-dayThis is a news item roundup of privacy or privacy-related news items for 23 MAR 2025 – 29 MAR 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
-
CrushFTP Security Vulnerability Under Attack After PoC Release
A recently disclosed security vulnerability in CrushFTP, identified as CVE-2025-2825, has become the target of active exploitation attempts following the release of publicly available proof-of-concept (PoC) exploit code. Shadowserver Foundation, a reputable cybersecurity monitoring organization, disclosed the alarming surge in attacks based on the PoC via their official announcement on X. According to their analysis,…
-
CISA Warns of Cisco Smart Licensing Utility Credential Flaw Exploited in Attacks
Tags: advisory, attack, cisa, cisco, credentials, cve, cyber, cybersecurity, exploit, flaw, infrastructure, software, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory warning organizations about a critical vulnerability in Cisco’s Smart Licensing Utility (SLU) software that has reportedly been exploited in cyberattacks. The vulnerability, assigned CVE-2024-20439, stems from a static credential issue that could leave affected systems open to remote exploitation with potentially devastating consequences.…
-
U.S. CISA adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco Smart Licensing Utility vulnerability, tracked as CVE-2024-20439, to its Known Exploited Vulnerabilities (KEV) catalog. Last week, Cisco disclosed two vulnerabilities in its Smart Licensing Utility: CVE-2024-20439,…
-
Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp
The threat actors behind the zero-day exploitation of a recently-patched security vulnerability in Microsoft Windows have been found to deliver two new backdoors called SilentPrism and DarkWisp.The activity has been attributed to a suspected Russian hacking group called Water Gamayun, which is also known as EncryptHub and LARVA-208.”The threat actor deploys payloads primarily by means…
-
Hewlett Packard RCE Vulnerability Allows Attackers to Bypass Authentication and Execute Remote Commands
A critical unauthenticated remote code execution (RCE) vulnerability in HPE Insight Cluster Management Utility (CMU) v8.2 allows attackers to bypass authentication and execute commands as root on high-performance computing (HPC) clusters, researchers revealed today. Tracked as CVE-2024-13804, the flaw exposes HPC environments to full cluster compromise through weaponized Java client applications. Technical Breakdown The vulnerability stems from…
-
New Malware Variant RESURGE Exploits Ivanti Vulnerability
CISA recommends immediate action to address malware variant RESURGE exploiting Ivanti vulnerability CVE-2025-0282 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/malware-resurge-exploits-ivanti/
-
CISA warns new malware targeting Ivanti zero-day vulnerability
CVE-2025-0282, a critical vulnerability that affects Ivanti’s Connect Secure, Policy Secure;and ZTA Gateway products, was disclosed and patched in January. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-warns-malware-targeting-ivanti-zero-day/743967/
-
UK Cybersecurity Weekly News Roundup 31 March 2025
Tags: attack, best-practice, browser, chrome, computing, cryptography, cve, cyber, cybersecurity, exploit, flaw, framework, google, government, healthcare, incident, infrastructure, ransomware, risk, risk-assessment, software, threat, update, vulnerability, zero-dayUK Cybersecurity Weekly News Roundup – 31 March 2025 Welcome to this week’s edition of our cybersecurity news roundup, bringing you the latest developments and insights from the UK and beyond. UK Warned of Inadequate Readiness Against State-Backed Cyberattacks Cybersecurity experts have sounded the alarm over the UK’s growing vulnerability to state-sponsored cyber threats. A…