Tag: flaw
-
Critical FortiGate SSO Vulnerability Actively Exploited in Real-World Attacks
Fortinet’s FortiGate appliances face immediate threat from two critical authentication bypass vulnerabilities being actively exploited in production environments. Fortinet released advisories for CVE-2025-59718 and CVE-2025-59719 on December 9, 2025, identifying critical flaws in FortiCloud SSO authentication mechanisms. These vulnerabilities enable unauthenticated attackers to bypass SSO login protections through crafted SAML messages when FortiCloud SSO is…
-
Internet-Based Solar Panel Systems Vulnerable to Rapid Cyberattacks
The rapid global expansion of solar energy infrastructure has created an unprecedented cyber vulnerability. As millions of homes, businesses, and hospitals adopt renewable power sources supported by government initiatives like the U.S. Inflation Reduction Act and Europe’s Renewable Energy Directive. Security researchers have uncovered a critical flaw: many solar systems still rely on decades-old industrial…
-
OpenShift GitOps Vulnerability Allows Attackers to Escalate Privileges to Root
Red Hat has disclosed a significant security flaw in OpenShift GitOps that could allow authenticated users to take complete control of a cluster. Assigned the identifier CVE-2025-13888, this vulnerability allows namespace administrators to elevate their privileges beyond their intended scope, potentially gaining root access to the entire system. Category Information CVE ID CVE-2025-13888 Vendor Severity Important…
-
React2Shell attacks expand widely across multiple sectors
Researchers warn that state-linked and opportunistic actors are working to exploit flaws in React’s application tools. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/react2shell-attacks-expand-multiple-sectors/808030/
-
React2Shell attacks expand widely across multiple sectors
Researchers warn that state-linked and opportunistic actors are working to exploit flaws in React’s application tools. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/react2shell-attacks-expand-multiple-sectors/808030/
-
Hackers are exploiting critical Fortinet flaws days after patch release
Threat actors are exploiting two critical Fortinet flaws, tracked as CVE-2025-59718 and CVE-2025-59719, days after patch release, impacting multiple Fortinet products. Threat actors started exploiting two critical flaws, tracked as CVE-2025-59718 and CVE-2025-59719 (CVSS score of 9.1), in Fortinet products days after patch release, Arctic Wolf warns. Last week, Fortinet addressed 18 vulnerabilities, including the two flaws…
-
JumpCloud Windows Agent Flaw Enables Local Privilege Escalation
A flaw in JumpCloud Remote Assist for Windows has exposed managed endpoints to local privilege escalation and denial-of-service attacks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/jumpcloud-windows-agent-flaw/
-
JumpCloud Remote Assist Windows Agent Vulnerability Allows Privilege Escalation
A critical local privilege escalation vulnerability in the JumpCloud Remote Assist for Windows agent allows any low-privileged user on a Windows system to gain NT AUTHORITY\SYSTEM privileges or crash the machine. Tracked as CVE-2025-34352, the flaw affects JumpCloud Remote Assist for Windows versions prior to 0.317.0 and has been rated High severity (CVSS v4.0: 8.5). JumpCloud is a widely used cloud-based Directory-as-a-Service and…
-
JumpCloud Remote Assist Windows Agent Vulnerability Allows Privilege Escalation
A critical local privilege escalation vulnerability in the JumpCloud Remote Assist for Windows agent allows any low-privileged user on a Windows system to gain NT AUTHORITY\SYSTEM privileges or crash the machine. Tracked as CVE-2025-34352, the flaw affects JumpCloud Remote Assist for Windows versions prior to 0.317.0 and has been rated High severity (CVSS v4.0: 8.5). JumpCloud is a widely used cloud-based Directory-as-a-Service and…
-
Apple Patches More Zero-Days Used in ‘Sophisticated’ Attack
Two Apple zero-day vulnerabilities discovered this month have overlap with another mysterious zero-day flaw Google patched last week. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/apple-patches-more-zero-days-sophisticated-attack
-
U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: Last week, Apple and…
-
U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: Last week, Apple and…
-
Flaw in Hacktivist Ransomware Lets Victims Decrypt Own Files
A new version of VolkLocker, wielded by the pro-Russia RaaS group CyberVolk, has some key enhancements but one fatal flaw. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/flaw-hacktivist-ransomware-victims-decrypt-files
-
Atlassian fixed maximum severity flaw CVE-2025-66516 in Apache Tika
Atlassian released security updates to address dozens of flaws, including multiple critical-severity vulnerabilities. Atlassian addressed dozens of vulnerabilities impacting its products, including multiple critical-severity issues. One of the most severe bugs is a maximum-severity XML External Entity (XXE) injection flaw, tracked as CVE-2025-66516 (CVSS score of 10/10), in Apache Tika. CVE-2025-66516 carries a maximum CVSS rating…
-
FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE
Multiple security vulnerabilities have been disclosed in the open-source private branch exchange (PBX) platform FreePBX, including a critical flaw that could result in an authentication bypass under certain configurations.The shortcomings, discovered by Horizon3.ai and reported to the project maintainers on September 15, 2025, are listed below -CVE-2025-61675 (CVSS score: 8.6) – Numerous First seen on…
-
Researcher Uncovers 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks
Tags: ai, attack, data, flaw, injection, intelligence, rce, remote-code-execution, theft, tool, vulnerabilityOver 30 security vulnerabilities have been disclosed in various artificial intelligence (AI)-powered Integrated Development Environments (IDEs) that combine prompt injection primitives with legitimate features to achieve data exfiltration and remote code execution.The security shortcomings have been collectively named IDEsaster by security researcher Ari Marzouk (MaccariTA), who discovered them First seen on thehackernews.com Jump to article:…
-
âš¡ Weekly Recap: Apple 0-Days, WinRAR Exploit, LastPass Fines, .NET RCE, OAuth Scams & More
If you use a smartphone, browse the web, or unzip files on your computer, you are in the crosshairs this week. Hackers are currently exploiting critical flaws in the daily software we all rely on”, and in some cases, they started attacking before a fix was even ready.Below, we list the urgent updates you need…
-
CISA orders immediate patching as GeoServer flaw faces active exploitation
Why patching alone may not be enough: While CISA has mandated patching for federal agencies, experts caution that speed is often constrained by operational realities, including asset discovery, dependency mapping, and change-management windows, that can slow even well-resourced teams.”When vulnerabilities are disclosed in widely deployed platforms like GeoServer, almost no federal agency can realistically patch…
-
CISA orders immediate patching as GeoServer flaw faces active exploitation
Why patching alone may not be enough: While CISA has mandated patching for federal agencies, experts caution that speed is often constrained by operational realities, including asset discovery, dependency mapping, and change-management windows, that can slow even well-resourced teams.”When vulnerabilities are disclosed in widely deployed platforms like GeoServer, almost no federal agency can realistically patch…
-
CISA orders immediate patching as GeoServer flaw faces active exploitation
Why patching alone may not be enough: While CISA has mandated patching for federal agencies, experts caution that speed is often constrained by operational realities, including asset discovery, dependency mapping, and change-management windows, that can slow even well-resourced teams.”When vulnerabilities are disclosed in widely deployed platforms like GeoServer, almost no federal agency can realistically patch…
-
Top 25 Most Dangerous Software Weaknesses of 2025 Revealed
MITRE has released its Top 25 CWE list for 2025, compiled from software and hardware flaws behind almost 40,000 CVEs First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/top-25-dangerous-software/
-
Critical Plesk Vulnerability Allows Users to Gain Root-Level Access
A critical security vulnerability has been discovered in Plesk, a widely used web hosting control panel, that enables unauthorised users to escalate privileges and gain root-level access to affected systems. This flaw poses a significant threat to web hosting providers and organisations that rely on Plesk for server management. Vulnerability Overview The vulnerability allows malicious…
-
Critical pgAdmin Flaw Allows Attackers to Execute Shell Commands on Host
A new critical vulnerability in pgAdmin 4 allows remote attackers to bypass security filters and execute arbitrary shell commands on the host server. The flaw, tracked as CVE-2025-13780, exploits a weakness in how the popular PostgreSQL management tool processes database restoration files. CVE ID CVE-2025-13780 Severity Critical Vulnerability Type Remote Code Execution (RCE) Affected Component…
-
Windows Remote Access Connection Manager Flaw Allows Arbitrary Code Execution
Security researchers have uncovered a critical unpatched vulnerability in the Windows Remote Access Connection Manager (RasMan) service that enables attackers to crash the service and facilitate local arbitrary code execution with Local System privileges. This discovery emerged during an investigation of CVE-2025-59230, which Microsoft patched in October 2025. CVE-2025-59230 represents an elevation-of-privilege vulnerability conceptually similar…
-
CISA Adds Actively Exploited Sierra Router Flaw to KEV Catalog
Tags: attack, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, router, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Sierra Wireless AirLink ALEOS routers to its Known Exploited Vulnerabilities (KEV) catalogue, warning organisations about active exploitation in the wild. Critical File Upload Vulnerability Under Active Attack The vulnerability, tracked as CVE-2018-4063, involves an unrestricted file upload with a dangerous type weakness…