Tag: cve
-
Yubico Warns of 2FA Security Flaw in pam-u2f for Linux and macOS Users
Tags: 2fa, advisory, authentication, cve, fido, flaw, linux, macOS, mfa, open-source, risk, software, threat, vulnerability
Yubico has released a security advisory, YSA-2025-01, which highlights a vulnerability in the software module that supports two-factor authentication (2FA) for Linux and macOS platforms. This issue, tracked as CVE-2025-23013, allows a partial bypass of 2FA protections when using YubiKeys or other FIDO-compatible authenticators. The vulnerability poses a high-risk security threat and could potentially compromise…
-
PoC Exploit Released for QNAP RCE Vulnerability
A critical remote code execution (RCE) vulnerability, tracked as CVE-2024-53691, has recently come to light, affecting users of QNAP’s QTS and QuTS Hero operating systems. This vulnerability enables remote attackers with user access privileges to traverse the file system and run arbitrary code on affected systems. With a CVSS score of 8.7, the severity of…
-
Multiple HPE Aruba Network Vulnerabilities Allows Remote Arbitrary Code Execution
Hewlett Packard Enterprise (HPE) has confirmed multiple vulnerabilities in its Aruba Networking products that could allow remote arbitrary code execution. These vulnerabilities, CVE-2025-23051 and CVE-2025-23052, affect various versions of the AOS-8 and AOS-10 Operating Systems, specifically impacting Mobility Conductors, Controllers, and managed WLAN and SD-WAN Gateways. This advisory comes amid growing concerns within the cybersecurity…
-
A flaw in the W3 Total Cache plugin exposes hundreds of thousands of WordPress sites to attacks
A WordPress W3 Total Cache plugin vulnerability could allow attackers to access information from internal services, including metadata on cloud-based apps. A severe vulnerability, tracked as CVE-2024-12365 (CVSS score of 8.5) in the WordPress W3 Total Cache plugin could expose metadata from internal services and cloud apps. The WordPress W3 Total Cache plugin is a…
-
CL-UNK-0979 Exploit Zero-Day Flaw in Ivanti Connect Secure to Gain Access to Networks
Palo Alto Networks has issued a detailed threat briefing on two critical vulnerabilities in Ivanti products, CVE-2025-0282 and CVE-2025-0283. First seen on securityonline.info Jump to article: securityonline.info/cl-unk-0979-exploit-zero-day-flaw-in-ivanti-connect-secure-to-gain-access-to-networks/
-
US hits back against China’s Salt Typhoon group
Tags: attack, backdoor, china, cisa, ciso, communications, computer, control, crypto, cve, cyber, cyberattack, cybersecurity, defense, detection, disinformation, espionage, exploit, finance, government, group, infosec, infrastructure, intelligence, ivanti, law, malicious, mandiant, microsoft, network, north-korea, office, tactics, technology, theft, threat, tool, vpn, vulnerability
The US is hitting back against the threat group, dubbed Salt Typhoon by Microsoft, which is allegedly behind recent cyber attacks against American telecommunications providers, as part of a wider campaign against Chinese-based hacking. On Friday the Department of the Treasury’s Office of Foreign Assets Control (OFAC) said it is sanctioning Sichuan Juxinhe Network Technology, a…
-
U.S. CISA adds Fortinet FortiOS to its Known Exploited Vulnerabilities catalog
Tags: authentication, cisa, cve, cybersecurity, exploit, fortinet, infrastructure, kev, vulnerability
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiOS vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Fortinet FortiOS authorization bypass vulnerability, tracked as CVE-2024-55591 (CVSS score: 9.6) to its Known Exploited Vulnerabilities (KEV) catalog. Remote attackers can exploit the vulnerability to bypass authentication and gain…
-
Slew of WavLink vulnerabilities
Lilith >_> of Cisco Talos discovered these vulnerabilities. Forty-four vulnerabilities and sixty-three CVEs were discovered across ten .cgi and three .sh files, as well as the static login page, of the Wavlink AC3000 wireless router web application. The Wavlink AC3000 wireless router is one of the First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/slew-of-wavlink-vulnerabilities/
-
Microsoft January 2025 Patch Tuesday Comes with Fix for 159 Vulnerabilities
Microsoft’s January 2025 Patch Tuesday has arrived with a significant security update, addressing a total of 159 vulnerabilities. This marks the largest number of CVEs addressed in a single month since at least 2017, more than doubling the usual amount fixed in January. Out of the 159 CVEs, 11 are classified as critical security flaws.…
-
Critical Vulnerabilities CVE-2025-0282 and CVE-2025-0283 in Ivanti Connect Secure VPN Appliances
Summary On January 8, 2025, Ivanti disclosed two critical vulnerabilities, and, impacting Ivanti Connect Secure (ICS) VPN appliances. Notably, has been exploited in the wild First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/01/09/critical-vulnerabilities-cve-2025-0282-and-cve-2025-0283-in-ivanti-connect-secure-vpn-appliances/
-
CVE-2024-44243 macOS flaw allows persistent malware installation
Microsoft disclosed details of a vulnerability in Apple macOS that could have allowed an attacker to bypass the OS’s System Integrity Protection (SIP). Microsoft disclosed details of a now-patched macOS flaw, tracked as CVE-2024-44243 (CVSS score: 5.5), that allows attackers with “root”…
-
Microsoft Discovers macOS Flaw CVE-2024-44243, Bypassing SIP
CVE-2024-44243, a critical macOS vulnerability discovered recently by Microsoft, can allow attackers to bypass Apple’s System Integrity Protection… First seen on hackread.com Jump to article: hackread.com/microsoft-macos-flaw-cve-2024-44243-bypassing-sip/
-
Hackers Use CVE-2024-50603 to Deploy Backdoor on Aviatrix Controllers
A critical vulnerability (CVE-2024-50603) in the Aviatrix Controller allows unauthenticated RCE. Active exploitation observed by Wiz Research in… First seen on hackread.com Jump to article: hackread.com/hackers-cve-2024-50603-aviatrix-controllers-backdoor/
-
Zoom Security Update Patches Multiple Vulnerabilities That Let Attackers Escalate Privileges
Zoom Video Communications has released a critical security update addressing multiple vulnerabilities in its suite of applications, including a high-severity flaw that could allow attackers to escalate privileges. The company urges users to update their software immediately to mitigate potential risks. The most severe vulnerability, CVE-2025-0147, is a type confusion issue affecting the Zoom Workplace…
-
3 Actively Exploited Zero-Day Flaws Patched in Microsoft’s Latest Security Update
Microsoft kicked off 2025 with a new set of patches for a total of 161 security vulnerabilities across its software portfolio, including three zero-days that have been actively exploited in attacks. Of the 161 flaws, 11 are rated Critical, and 149 are rated Important in severity. One other flaw, a non-Microsoft CVE related to a Windows…
-
Fortinet confirms zero-day flaw used in attacks against its firewalls
Fortinet has confirmed the existence of a critical authentication bypass vulnerability in specific versions of FortiOS firewalls and FortiProxy secure web gateways. The flaw has been exploited in the wild since early December in what appears to be an indiscriminate and widespread campaign, according to cybersecurity firm Arctic Wolf. The fix for this zero-day is part…
-
CVE-2024-55591: Fortinet Authentication Bypass Zero-Day Vulnerability Exploited in the Wild
Fortinet patched a zero-day authentication bypass vulnerability in FortiOS and FortiProxy that has been actively exploited in the wild as a zero-day since November 2024. Background On January 14, Fortinet released a security advisory (FG-IR-24-535) addressing a critical severity vulnerability impacting FortiOS and FortiProxy. CVE Description CVSSv3 CVE-2024-55591 FortiOS and FortiProxy Authentication Bypass Vulnerability…
-
Microsoft Rings in 2025 With Record Security Update
Company has issued patches for an unprecedented 159 CVEs, including eight zero-days, three of which attackers are already exploiting. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/microsoft-january-2025-record-security-update
-
BeyondTrust flaw CVE-2024-12686 exploited in the wild
BeyondTrust discovered the flaw last month while investigating breaches of a ‘limited number’ of SaaS customers at the hands of Chinese state-sponsored threat actors. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366618092/CISA-BeyondTrust-flaw-CVE-2024-12686-exploited-in-the-wild
-
Microsoft fixes actively exploited Windows Hyper-V zero-day flaws
Microsoft has marked January 2025 Patch Tuesday with a hefty load of patches: 157 CVE-numbered security issues have been fixed in various products, three of which (in Hyper-V) … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/14/january-2025-patch-tuesday-microsoft-hyper-v-zero-day-cve-2025-21333-cve-2025-21334-cve-2025-21335/
-
Apple Patches Flaw That Allows Kernel Security Bypassing
Microsoft Uncovered Flaw That Affects macOS System Integrity Protection Feature. Apple patched a vulnerability that allows hackers to bypass a key security feature in macOS through third-party kernel extensions. Microsoft researchers uncovered the flaw tracked as CVE-2024-44243. The flaw could enable hackers to install rootkits and create malware with privileged access. First seen on…
-
Microsoft’s Massive Patch Tuesday Release Is ‘Ominous’ Sign For 2025: Researcher
Microsoft’s Patch Tuesday release for January 2025 constitutes the ‘largest number of CVEs addressed in any single month since at least 2017,’ according to Trend Micro’s Dustin Childs. First seen on crn.com Jump to article: www.crn.com/news/security/2025/microsoft-s-massive-patch-tuesday-release-is-ominous-sign-for-2025-researcher
-
Ivanti zero-day patching increases amid ongoing attacks
Recent scans conducted by the Shadowserver Foundation show many organizations have patched Ivanti instances vulnerable to CVE-2025-0282 over the last week. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366617951/Ivanti-zero-day-patching-increases-amid-ongoing-attacks
-
CISA adds second BeyondTrust CVE to known exploited vulnerabilities list
Federal authorities are still working with the company to investigate a hack of Treasury Department workstations, but have not yet explained the CVEs’ specific roles in the attacks. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-second-beyondtrust-cve-exploited/737288/
-
Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation
Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as “root” to bypass the operating system’s System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. The vulnerability in question is CVE-2024-44243 (CVSS score: 5.5), a medium-severity bug First…
-
U.S. CISA adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: CVE-2024-12686 (CVSS score of 6.6) The flaw is an OS Command Injection Vulnerability in BeyondTrust…
-
UK domain registry Nominet breached via Ivanti zero-day
The number of internet-facing Ivanti Connect Secure instances vulnerable to attack via CVE-2025-0282 has fallen from 2,048 to 800 in the last four days, the Shadowserver … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/13/uk-domain-registry-nominet-breached-via-ivanti-zero-day-cve-2025-0282/

