Tag: cve
-
Hackers Exploit ChatGPT with CVE-2024-27564, 10,000+ Attacks in a Week
In its latest research report, cybersecurity firm Veriti has spotted active exploitation of a vulnerability within OpenAI’s ChatGPT… First seen on hackread.com Jump to article: hackread.com/hackers-exploit-chatgpt-cve-2024-27564-10000-attacks/
-
New Steganographic Malware Hides in JPG Files to Deploy Multiple Password Stealers
A recent cybersecurity threat has emerged in the form of a steganographic campaign that uses seemingly harmless JPG files to distribute multiple types of malware, including password stealers like Remcos and AsyncRAT. This sophisticated attack begins with a phishing email containing a malicious Excel document that exploits a known vulnerability, CVE-2017-0199, to initiate the infection…
-
Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure
A recently disclosed security flaw impacting Apache Tomcat has come under active exploitation in the wild following the release of a public proof-of-concept (PoC) a mere 30 hours after public disclosure.The vulnerability, tracked as CVE-2025-24813, affects the below versions -Apache Tomcat 11.0.0-M1 to 11.0.2Apache Tomcat 10.1.0-M1 to 10.1.34Apache Tomcat 9.0.0-M1 to 9.0.98It concerns a First…
-
What Is Exposure Management and Why Does It Matter?
Tags: access, attack, breach, business, ciso, cloud, compliance, credentials, cve, cyber, cybersecurity, data, data-breach, group, identity, infrastructure, iot, metric, password, phishing, risk, service, software, technology, threat, tool, vulnerability, vulnerability-managementEach Monday, the Tenable Exposure Management Academy will provide the practical, real-world guidance you need to shift from vulnerability management to exposure management. In our first blog in this new series, we get you started with an overview of the differences between the two and explore how cyber exposure management can benefit your organization. Traditional…
-
Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year
An unpatched security flaw impacting the Edimax IC-7100 network camera is being exploited by threat actors to deliver Mirat botnet malware variants since at least May 2024.The vulnerability in question is CVE-2025-1316 (CVSS v4 score: 9.3), a critical operating system command injection flaw that an attacker could exploit to achieve remote code execution on susceptible…
-
Neue Superblack-Ransomware nutzt Fortinet-Schwachstelle aus
Am 14. Januar veröffentlichte Fortinet die Bestätigung einer Zero-Day-Schwachstelle, die FortiOS- und Fortiproxy-Produkte betrifft und als CVE-2024-55591 bezeichnet wurde. Am 11. Februar bestätigte das Unternehmen eine weitere Schwachstelle mit der Bezeichnung CVE-2025-24472. Die neue Superblack-Ransomeware nützt die letztgenannte Fortinet-Schwachstelle zur Umgehung der Autorisierung aus, wie jüngst berichtet wurde. Stefan Hostetler, Lead Threat Intelligence Researcher bei…
-
Critical RCE flaw in Apache Tomcat actively exploited in attacks
A critical remote code execution (RCE) vulnerability in Apache Tomcat tracked as CVE-2025-24813 is actively exploited in the wild, enabling attackers to take over servers with a simple PUT request. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-rce-flaw-in-apache-tomcat-actively-exploited-in-attacks/
-
Wazuh SIEM Vulnerability Enables Remote Malicious Code Execution
A critical vulnerability, identified as CVE-2025-24016, has been discovered in the Wazuh Security Information and Event Management (SIEM) platform. This vulnerability affects versions 4.4.0 to 4.9.0 and allows attackers with API access to execute arbitrary Python code remotely, potentially leading to complete system compromise. The flaw stems from the unsafe deserialization of Distributed API (DAPI)…
-
Microsoft Update Catalog: Sicherheitsrisiko durch Rechteerweiterungen (CVE-2024-49147)
Ich stelle noch eine Sicherheitsmeldung hier im Blog ein, die mir bereits seit Mitte Dezember 2024 vorliegt, aber “hängen geblieben ist”. Im Microsoft Update-Katalog gab es eine kritische Schwachstelle CVE-2024-49147, die im Microsoft Update Catalog Rechteerweiterungen ermöglichte. Diese Schwachstelle wurde … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/15/microsoft-update-catalog-sicherheitsrisiko-durch-rechteerweiterungen-cve-2024-49147/
-
Imperva Protects Against the Apache Camel Vulnerabilities
Introduction: Understanding the Apache Camel Flaw On March 9, 2025, Apache released a security advisory for CVE-2025-27636, a vulnerability in the Apache Camel framework that allows attackers to bypass header filtering via miscased headers. Although rated as moderate, this vulnerability specifically affects configurations that use HTTP server components (such as camel-servlet, camel-jetty, camel-undertow, camel-platform-http, or……
-
Report on ransomware attacks on Fortinet firewalls also reveals possible defenses
Tags: access, attack, authentication, automation, backdoor, backup, ciso, control, credentials, cve, cybercrime, data, data-breach, defense, exploit, firewall, fortinet, group, infrastructure, Internet, lockbit, malicious, monitoring, network, password, radius, ransom, ransomware, risk, router, tactics, threat, tool, update, vpn, vulnerability, windowsSigns of intrusion: “This actor exhibits a distinct operational signature that blends elements of opportunistic attacks with ties to the LockBit ecosystem,” Forescout said in its analysis.”Mora_001’s relationship to the broader Lockbit’s ransomware operations underscores the increased complexity of the modern ransomware landscape where specialized teams collaborate to leverage complementary capabilities.”CISOs should note these consistent…
-
Edimax Camera RCE Vulnerability Exploited to Spread Mirai Malware
Tags: botnet, cctv, cve, cyber, exploit, injection, intelligence, Internet, iot, malware, rce, remote-code-execution, vulnerabilityA recent alert from the Akamai Security Intelligence and Response Team (SIRT) has highlighted the exploitation of a severe command injection vulnerability in Edimax Internet of Things (IoT) devices. This vulnerability, designated as CVE-2025-1316, has been actively used by multiple botnets to spread Mirai malware. Mirai is notorious for compromising IoT devices and orchestrating distributed…
-
Cisco Warns of Critical IOS XR Vulnerability Enabling DoS Attacks
Cisco has issued a security advisory warning of a vulnerability in its IOS XR Software that could allow attackers to launch denial-of-service (DoS) attacks. The vulnerability, identified as CVE-2025-20115, affects the Border Gateway Protocol (BGP) confederation implementation. The CVE-2025-20115 vulnerability affects the Border Gateway Protocol (BGP) confederation implementation in Cisco IOS XR Software, potentially allowing…
-
Critical ruby-saml Vulnerabilities Allow Attackers to Bypass Authentication
A critical security vulnerability has been identified in the ruby-saml library, a popular tool used for Single Sign-On (SSO) via Security Assertion Markup Language (SAML) on the service provider side. The vulnerabilities, designated as CVE-2025-25291 and CVE-2025-25292, allow attackers to bypass authentication and conduct account takeover attacks if they possess a valid signature created with…
-
Pre-authentication SQL Injection to RCE in GLPI (CVE-2025-24799 / CVE-2025-24801)
Summary A significant vulnerability has been identified in GLPI, a popular open-source IT asset management tool. This vulnerability, tracked as CVE-2025-24799 and CVE-2025-24801, allows an First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/03/14/pre-authentication-sql-injection-to-rce-in-glpi-cve-2025-24799-cve-2025-24801/
-
One PUT Request to Own Tomcat: CVE-2025-24813 RCE is in the Wild
A devastating new remote code execution (RCE) vulnerability, CVE-2025-24813, is now actively exploited in the wild. Attackers need just one PUT API request to take over vulnerable Apache Tomcat servers. The exploit, originally published by a Chinese forum user iSee857, is already available online: CVE-2025-24813 PoC by iSee857. Exploit Breakdown: How a Simple PUT Request…
-
U.S. CISA adds Apple products and Juniper Junos OS flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Appleproducts and Juniper Junos OSflaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: The vulnerability CVE-2025-21590 is an Improper Isolation or Compartmentalization issue in the kernel of Juniper Networks Junos OS…
-
GitLab addressed critical auth bypass flaws in CE and EE
GitLab addressed two critical authentication bypass vulnerabilities in Community Edition (CE) and Enterprise Edition (EE). GitLab released security updates to address critical vulnerabilities in Community Edition (CE) and Enterprise Edition (EE). The company addressed nine vulnerabilities, including the two critical ruby-saml authentication bypass issues respectively tracked as CVE-2025-25291 and CVE-2025-25292. GitLab CE/EE versions 17.7.7, 17.8.5,…
-
CVE-2025-27363: FreeType Vulnerability in Meta Exploited in the Wild
Meta has issued a security advisory regarding a newly discovered vulnerability in the FreeType open-source font rendering library. Tracked as CVE-2025-27363, this flaw has been assigned a CVSS score of 8.1, categorizing it as a high-severity issue. Security experts warn… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/cve-2025-27363-freetype-meta-vulnerability/
-
Schwachstelle in der Sitecore-Experience-Platform ermöglicht RemoteExecution ohne Authentifizierung
Die kürzlich entdeckte Schwachstelle CVE-2025-27218 ist eine nicht autorisierte Sicherheitsanfälligkeit für Remotecodeausführung (Remote-Control-Execution, RCE) und betrifft die Sitecore-Experience-Platform und die Experience-Manager Version 10.4 vor KB1002844. Obwohl die Schwachstelle keine Authentifizierung erfordert und RCE ermöglicht, wurde sie mit einem seltsam gering erscheinenden CVSS-Ranking von 5,3 eingestuft. Über einen Hotfix des Herstellers ist die Vulnerability gepatcht. Forscher…
-
Apache NiFi Vulnerability Exposes MongoDB Credentials to Attackers
A critical security vulnerability has been identified in Apache NiFi, a popular open-source data integration tool. The vulnerability, tracked as CVE-2025-27017, allows authorized users with read access to the system to view sensitive credentials used to connect to MongoDB databases. This security flaw affects multiple versions of Apache NiFi, prompting urgent action from users to…
-
Microsoft Finally Patches 2-Year-Old Windows Kernel Security Flaw
Microsoft has released a critical patch for a 2-year-old Windows kernel security vulnerability. This vulnerability, identified as CVE-2025-24983, allows attackers to exploit a weakness in the Windows Win32 Kernel Subsystem, leading to an elevation of privilege. The patch comes after extensive research by security experts, who first detected the exploit in the wild in March…
-
Meta warns of actively exploited flaw in FreeType library
Meta warned that a vulnerability, tracked as CVE-2025-27363, impacting the FreeType library may have been exploited in the wild. Meta warned that an out-of-bounds write flaw, tracked as CVE-2025-27363 (CVSS score of 8.1), in the FreeType library may have been actively exploited in attacks. >>An out of bounds write exists in FreeType versions 2.13.0 and below when attempting to…
-
FreeType Vulnerability Actively Exploited for Arbitrary Code Execution
A significant vulnerability has been identified in the FreeType library, a widely used open-source font rendering engine. This vulnerability tracked as CVE-2025-27363, is being actively exploited and may lead to arbitrary code execution on affected systems. Overview of the Vulnerability: The vulnerability exists in FreeType versions 2.13.0 and below, specifically when the library attempts to…
-
Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk
Meta has warned that a security vulnerability impacting the FreeType open-source font rendering library may have been exploited in the wild.The vulnerability has been assigned the CVE identifier CVE-2025-27363, and carries a CVSS score of 8.1, indicating high severity. Described as an out-of-bounds write flaw, it could be exploited to achieve remote code execution when…
-
Patch Tuesday Update March 2025
In total, including third-party CVEs, in this Patch Tuesday edition, Microsoft published 57 CVEs, and republished 10 additional CVEs, including 6 Zero-Day, 6 Critical, and 50 Important”, with 6 Zero-Days actively exploited in the wild. From an Impact perspective, Escalation of Privilege (EoP) vulnerabilities accounted for 46%, followed by Remote Code Execution (RCE) at 41%…
-
CVE-2025-24201: Apple Addresses Zero-Day Exploit in WebKit
Apple has released an important security update to fix a newly discovered zero-day vulnerability that has reportedly been exploited in >>extremely sophisticated