Tag: flaw
-
SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances
SonicWall has rolled out fixes to address a security flaw in Secure Mobile Access (SMA) 100 series appliances that it said has been actively exploited in the wild.The vulnerability, tracked as CVE-2025-40602 (CVSS score: 6.6), concerns a case of local privilege escalation that arises as a result of insufficient authorization in the appliance management console…
-
Critical React2Shell flaw exploited in ransomware attacks
A ransomware gang exploited the critical React2Shell vulnerability (CVE-2025-55182) to gain initial access to corporate networks and deployed the file-encrypting malware less than a minute later. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-react2shell-flaw-exploited-in-ransomware-attacks/
-
Motors WordPress Vulnerability Exposes Sites to Takeover
A critical flaw in the Motors WordPress theme affecting more than 20,000 installations allows low-privileged users to gain full control of websites First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/motors-wordpress-flaw-takeover/
-
Actively Exploited Fortinet Flaws Enable Security Appliance Takeover
Attackers are actively exploiting Fortinet flaws to bypass authentication and take over security appliances. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/actively-exploited-fortinet-flaws-enable-security-appliance-takeover/
-
JumpCloud agent turns uninstall into a system shortcut
Full privilege escalation and denial of service: The vulnerability opens two primary exploitation vectors with significant operational impact: full privilege escalation to system level, and denial of service (DoS).By manipulating filesystem paths and leveraging race conditions, an attacker can redirect the uninstaller’s operations to delete or overwrite protected installer configuration targets, ultimately triggering techniques that…
-
JumpCloud agent turns uninstall into a system shortcut
Full privilege escalation and denial of service: The vulnerability opens two primary exploitation vectors with significant operational impact: full privilege escalation to system level, and denial of service (DoS).By manipulating filesystem paths and leveraging race conditions, an attacker can redirect the uninstaller’s operations to delete or overwrite protected installer configuration targets, ultimately triggering techniques that…
-
JumpCloud agent turns uninstall into a system shortcut
Full privilege escalation and denial of service: The vulnerability opens two primary exploitation vectors with significant operational impact: full privilege escalation to system level, and denial of service (DoS).By manipulating filesystem paths and leveraging race conditions, an attacker can redirect the uninstaller’s operations to delete or overwrite protected installer configuration targets, ultimately triggering techniques that…
-
BlindEagle Targets Colombian Government Agency with Caminho and DCRAT
Tags: access, attack, authentication, cloud, communications, control, cybercrime, defense, detection, dkim, dmarc, dns, email, encryption, flaw, government, group, infrastructure, injection, Internet, malicious, malware, microsoft, open-source, phishing, powershell, rat, service, spear-phishing, startup, tactics, threat, tool, update, usa, windowsIntroductionIn early September 2025, Zscaler ThreatLabz discovered a new spear phishing campaign attributed to BlindEagle, a threat actor who operates in South America and targets users in Spanish-speaking countries, such as Colombia. In this campaign, BlindEagle targeted a government agency under the control of the Ministry of Commerce, Industry and Tourism (MCIT) in Colombia using…
-
U.S. CISA adds a flaw in multiple Fortinet products to its Known Exploited Vulnerabilities catalog
U.S. CISA adds a vulnerability impacting multiple products to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability, tracked as CVE-2025-59718 (CVSS Score of 9.1), to its Known Exploited Vulnerabilities (KEV) catalog. Threat actors started exploiting two critical flaws, tracked as CVE-2025-59718 and CVE-2025-59719 (CVSS score of 9.1),…
-
NVIDIA Isaac Lab Flaw Enables Remote Code Execution
NVIDIA has disclosed a critical security vulnerability in Isaac Lab, a component of the NVIDIA Isaac Sim framework, that could allow attackers to execute arbitrary code remotely. The company released security patches in December 2025 to address the deserialization flaw tracked as CVE-2025-32210. CVE ID Description CVSS Score Severity CWE CVE-2025-32210 Deserialization vulnerability in NVIDIA Isaac…
-
CISA Alerts on Actively Exploited Gladinet CentreStack and Triofox Flaws
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new alert regarding a critical security vulnerability affecting Gladinet CentreStack and Triofox. The agency has added this flaw to its Known Exploited Vulnerabilities (KEV) catalog, indicating that hackers are actively exploiting it in attacks. The vulnerability, identified as CVE-2025-14611, involves a serious issue with how these…
-
Chrome Security Update Fixes Remote Code Execution Flaws
Tags: browser, chrome, cyber, flaw, google, linux, remote-code-execution, update, vulnerability, windowsGoogle has released an emergency security update for the Chrome browser, addressing two high-severity vulnerabilities that could enable remote code execution attacks. The stable channel update version 143.0.7499.146/.147 is now rolling out to Windows, Mac, and Linux users.”‹ Critical Vulnerabilities Patched The update fixes two significant security flaws reported by external security researchers. The first…
-
CISA Alerts on Actively Exploited Gladinet CentreStack and Triofox Flaws
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new alert regarding a critical security vulnerability affecting Gladinet CentreStack and Triofox. The agency has added this flaw to its Known Exploited Vulnerabilities (KEV) catalog, indicating that hackers are actively exploiting it in attacks. The vulnerability, identified as CVE-2025-14611, involves a serious issue with how these…
-
FortiGate firewall credentials being stolen after vulnerabilities discovered
Tags: access, advisory, ai, attack, authentication, best-practice, breach, ceo, cisa, credentials, cve, cyberattack, cybersecurity, data, data-breach, exploit, firewall, flaw, fortinet, hacker, infrastructure, Internet, kev, least-privilege, login, malicious, network, password, software, theft, threat, update, vulnerabilityCSO. “So far, the pattern of activity has appeared to be opportunistic in nature. While it is difficult to estimate the number of devices directly vulnerable to this vulnerability, there are hundreds of thousands of Fortinet appliances accessible on the public internet through specialized search engines. This allows threat actors to opportunistically attempt exploitation against…
-
Google Finds Five China-Nexus Groups Exploiting React2Shell Flaw
Researchers with Google Threat Intelligence Group have detected five China-nexus threat groups exploiting the maximum-security React2Shell security flaw to drop a number of malicious payloads, from backdoors to downloaders to tunnelers. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/google-finds-five-china-nexus-groups-exploiting-react2shell-flaw/
-
Google Finds Five China-Nexus Groups Exploiting React2Shell Flaw
Researchers with Google Threat Intelligence Group have detected five China-nexus threat groups exploiting the maximum-security React2Shell security flaw to drop a number of malicious payloads, from backdoors to downloaders to tunnelers. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/google-finds-five-china-nexus-groups-exploiting-react2shell-flaw/
-
OpenShift GitOps Vulnerability Allows Attackers to Escalate Privileges to Root
Red Hat has disclosed a significant security flaw in OpenShift GitOps that could allow authenticated users to take complete control of a cluster. Assigned the identifier CVE-2025-13888, this vulnerability allows namespace administrators to elevate their privileges beyond their intended scope, potentially gaining root access to the entire system. Category Information CVE ID CVE-2025-13888 Vendor Severity Important…
-
Internet-Based Solar Panel Systems Vulnerable to Rapid Cyberattacks
The rapid global expansion of solar energy infrastructure has created an unprecedented cyber vulnerability. As millions of homes, businesses, and hospitals adopt renewable power sources supported by government initiatives like the U.S. Inflation Reduction Act and Europe’s Renewable Energy Directive. Security researchers have uncovered a critical flaw: many solar systems still rely on decades-old industrial…
-
Critical FortiGate SSO Vulnerability Actively Exploited in Real-World Attacks
Fortinet’s FortiGate appliances face immediate threat from two critical authentication bypass vulnerabilities being actively exploited in production environments. Fortinet released advisories for CVE-2025-59718 and CVE-2025-59719 on December 9, 2025, identifying critical flaws in FortiCloud SSO authentication mechanisms. These vulnerabilities enable unauthenticated attackers to bypass SSO login protections through crafted SAML messages when FortiCloud SSO is…
-
Internet-Based Solar Panel Systems Vulnerable to Rapid Cyberattacks
The rapid global expansion of solar energy infrastructure has created an unprecedented cyber vulnerability. As millions of homes, businesses, and hospitals adopt renewable power sources supported by government initiatives like the U.S. Inflation Reduction Act and Europe’s Renewable Energy Directive. Security researchers have uncovered a critical flaw: many solar systems still rely on decades-old industrial…
-
React2Shell attacks expand widely across multiple sectors
Researchers warn that state-linked and opportunistic actors are working to exploit flaws in React’s application tools. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/react2shell-attacks-expand-multiple-sectors/808030/
-
React2Shell attacks expand widely across multiple sectors
Researchers warn that state-linked and opportunistic actors are working to exploit flaws in React’s application tools. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/react2shell-attacks-expand-multiple-sectors/808030/
-
Hackers are exploiting critical Fortinet flaws days after patch release
Threat actors are exploiting two critical Fortinet flaws, tracked as CVE-2025-59718 and CVE-2025-59719, days after patch release, impacting multiple Fortinet products. Threat actors started exploiting two critical flaws, tracked as CVE-2025-59718 and CVE-2025-59719 (CVSS score of 9.1), in Fortinet products days after patch release, Arctic Wolf warns. Last week, Fortinet addressed 18 vulnerabilities, including the two flaws…
-
JumpCloud Windows Agent Flaw Enables Local Privilege Escalation
A flaw in JumpCloud Remote Assist for Windows has exposed managed endpoints to local privilege escalation and denial-of-service attacks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/jumpcloud-windows-agent-flaw/
-
JumpCloud Remote Assist Windows Agent Vulnerability Allows Privilege Escalation
A critical local privilege escalation vulnerability in the JumpCloud Remote Assist for Windows agent allows any low-privileged user on a Windows system to gain NT AUTHORITY\SYSTEM privileges or crash the machine. Tracked as CVE-2025-34352, the flaw affects JumpCloud Remote Assist for Windows versions prior to 0.317.0 and has been rated High severity (CVSS v4.0: 8.5). JumpCloud is a widely used cloud-based Directory-as-a-Service and…
-
JumpCloud Remote Assist Windows Agent Vulnerability Allows Privilege Escalation
A critical local privilege escalation vulnerability in the JumpCloud Remote Assist for Windows agent allows any low-privileged user on a Windows system to gain NT AUTHORITY\SYSTEM privileges or crash the machine. Tracked as CVE-2025-34352, the flaw affects JumpCloud Remote Assist for Windows versions prior to 0.317.0 and has been rated High severity (CVSS v4.0: 8.5). JumpCloud is a widely used cloud-based Directory-as-a-Service and…