Tag: flaw
-
SAP Releases Security Update to Fix Critical Code Execution and Injection Flaws
SAP has released a significant security update addressing 18 new vulnerabilities across its enterprise software portfolio, including several critical flaws related to code execution and data injection. This monthly security patch day features four high-severity vulnerabilities that require immediate attention from organizations utilizing SAP infrastructure. The most severe vulnerabilities have a CVSS score of 10.0,…
-
SAP Releases Security Update to Fix Critical Code Execution and Injection Flaws
SAP has released a significant security update addressing 18 new vulnerabilities across its enterprise software portfolio, including several critical flaws related to code execution and data injection. This monthly security patch day features four high-severity vulnerabilities that require immediate attention from organizations utilizing SAP infrastructure. The most severe vulnerabilities have a CVSS score of 10.0,…
-
Hackers Exploit Critical Flaw in Gladinet’s Triofox File Sharing Product
Threat actors were exploiting vulnerable versions of Triofox after a patched version was released, said Google Cloud researchers First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/hackers-exploit-critical-flaw/
-
Hackers Exploit Critical Flaw in Gladinet’s Triofox File Sharing Product
Threat actors were exploiting vulnerable versions of Triofox after a patched version was released, said Google Cloud researchers First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/hackers-exploit-critical-flaw/
-
Devolutions Server Flaw Allows Attackers to Impersonate Users via Pre-MFA Cookie
Devolutions Server has been found vulnerable to a critical security flaw that allows low-privileged authenticated users to impersonate other accounts by replaying pre-MFA cookies. The vulnerability, identified as CVE-2025-12485, carries a critical CVSS score of 9.4 and affects all versions up to 2025.3.5. The company has released patches to address this and a second vulnerability…
-
U.S. CISA adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Samsung mobile devices flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Samsung mobile devices flaw, tracked as CVE-2025-21042 (CVSS score of 8.8), to its Known Exploited Vulnerabilities (KEV) catalog. The now-patched Samsung Galaxy flaw CVE-2025-21042 was exploited as a zero-day…
-
Devolutions Server Flaw Allows Attackers to Impersonate Users via Pre-MFA Cookie
Devolutions Server has been found vulnerable to a critical security flaw that allows low-privileged authenticated users to impersonate other accounts by replaying pre-MFA cookies. The vulnerability, identified as CVE-2025-12485, carries a critical CVSS score of 9.4 and affects all versions up to 2025.3.5. The company has released patches to address this and a second vulnerability…
-
Critical Triofox bug exploited to run malicious payloads via AV configuration
Hackers exploited Triofox flaw CVE-2025-12480 to bypass auth and install remote access tools via the platform’s antivirus feature. Google’s Mandiant researchers spotted threat actors exploiting a now-patched Triofox flaw, tracked as CVE-2025-12480 (CVSS score of 9.1) that allows them to bypass authentication to upload and run remote access tools via the platform’s antivirus feature. Mandiant…
-
Researchers Uncover Critical runC Bugs Allowing Full Container Escape
Security researchers have revealed three serious vulnerabilities in runC, the Open Container Initiative (OCI)-compliant runtime that powers platforms such as Docker and Kubernetes, which could allow attackers to break container isolation and gain control of the host system. The flaws, tracked as CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881, stem from weaknesses in how runC manages temporary bind…
-
Researchers Uncover Critical runC Bugs Allowing Full Container Escape
Security researchers have revealed three serious vulnerabilities in runC, the Open Container Initiative (OCI)-compliant runtime that powers platforms such as Docker and Kubernetes, which could allow attackers to break container isolation and gain control of the host system. The flaws, tracked as CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881, stem from weaknesses in how runC manages temporary bind…
-
CISA Issues Alert on Samsung 0-Day RCE Flaw Actively Exploited in Attacks
Tags: attack, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, mobile, rce, remote-code-execution, vulnerability, zero-dayThe Cybersecurity and Infrastructure Security Agency (CISA) has added a critical remote code execution vulnerability affecting Samsung mobile devices to its Known Exploited Vulnerabilities (KEV) catalog, signaling active exploitation in the wild. Tracked as CVE-2025-21042, this zero-day flaw resides in Samsung’s libimagecodec library. It could allow attackers to bypass security protections and execute arbitrary code…
-
CISA Issues Alert on Samsung 0-Day RCE Flaw Actively Exploited in Attacks
Tags: attack, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, mobile, rce, remote-code-execution, vulnerability, zero-dayThe Cybersecurity and Infrastructure Security Agency (CISA) has added a critical remote code execution vulnerability affecting Samsung mobile devices to its Known Exploited Vulnerabilities (KEV) catalog, signaling active exploitation in the wild. Tracked as CVE-2025-21042, this zero-day flaw resides in Samsung’s libimagecodec library. It could allow attackers to bypass security protections and execute arbitrary code…
-
Hackers Exploit Triofox 0-Day to Deploy Malicious Payloads Using Anti-Virus Feature
Tags: authentication, cyber, cybersecurity, defense, exploit, flaw, hacker, malicious, mandiant, threat, virus, vulnerability, zero-dayCybersecurity researchers from Mandiant Threat Defense have uncovered a critical zero-day vulnerability in Gladinet’s Triofox file-sharing platform that allowed attackers to bypass authentication and execute malicious code with system-level privileges. The vulnerability, tracked as CVE-2025-12480, was actively exploited by the threat actor group UNC6485 as early as August 24, 2025. The flaw affected Triofox version 16.4.10317.56372 and has…
-
Hackers Exploiting Triofox Flaw to Install Remote Access Tools via Antivirus Feature
Google’s Mandiant Threat Defense on Monday said it discovered n-day exploitation of a now-patched security flaw in Gladinet’s Triofox file-sharing and remote access platform.The critical vulnerability, tracked as CVE-2025-12480 (CVSS score: 9.1), allows an attacker to bypass authentication and access the configuration pages, resulting in the upload and execution of arbitrary payloads. The First seen…
-
Popular JavaScript library expr-eval vulnerable to RCE flaw
A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be exploited to execute code remotely through maliciously crafted input. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/popular-javascript-library-expr-eval-vulnerable-to-rce-flaw/
-
Denmark and Norway investigate Yutong bus security flaw amid rising tech fears
Denmark and Norway probe a security flaw in Chinese-made Yutong buses, deepening European fears over reliance on Chinese tech and potential cyber risks. Bus operators in Denmark and Norway are urgently probing a security vulnerability in Chinese-made Yutong electric buses, raising concerns about Western dependence on Chinese technology. The issue highlights growing European fears that…
-
Denmark and Norway investigate Yutong bus security flaw amid rising tech fears
Denmark and Norway probe a security flaw in Chinese-made Yutong buses, deepening European fears over reliance on Chinese tech and potential cyber risks. Bus operators in Denmark and Norway are urgently probing a security vulnerability in Chinese-made Yutong electric buses, raising concerns about Western dependence on Chinese technology. The issue highlights growing European fears that…
-
Louvre Museum’s Camera Network Password Was Reportedly Just “Louvre”
Louvre Museum’s surveillance network reportedly used the password “Louvre,” exposing major cybersecurity and human flaws after an Euro88 million jewel theft. First seen on hackread.com Jump to article: hackread.com/louvre-museums-security-camera-louvr-password/
-
Louvre Museum’s Camera Network Password Was Reportedly Just “Louvre”
Louvre Museum’s surveillance network reportedly used the password “Louvre,” exposing major cybersecurity and human flaws after an Euro88 million jewel theft. First seen on hackread.com Jump to article: hackread.com/louvre-museums-security-camera-louvr-password/
-
Louvre Museum’s Camera Network Password Was Reportedly Just “Louvre”
Louvre Museum’s surveillance network reportedly used the password “Louvre,” exposing major cybersecurity and human flaws after an Euro88 million jewel theft. First seen on hackread.com Jump to article: hackread.com/louvre-museums-security-camera-louvr-password/
-
Runtime bugs break container walls, enabling root on Docker hosts
Console and Write-Gadget Lurkers: CVE-2025-52565 & CVE-2025-52881: The second vulnerability, tracked as CVE-2025-52565, targets “/dev/console” bind-mount handling. An attacker can replace the target path with a symlink, which will cause runc to bind-mount the wrong target, allowing the attacker to gain write access to procfs paths.”As with CVE-2025-31133, this happens after pivot_root(2) and so cannot…
-
Runtime bugs break container walls, enabling root on Docker hosts
Console and Write-Gadget Lurkers: CVE-2025-52565 & CVE-2025-52881: The second vulnerability, tracked as CVE-2025-52565, targets “/dev/console” bind-mount handling. An attacker can replace the target path with a symlink, which will cause runc to bind-mount the wrong target, allowing the attacker to gain write access to procfs paths.”As with CVE-2025-31133, this happens after pivot_root(2) and so cannot…
-
Runtime bugs break container walls, enabling root on Docker hosts
Console and Write-Gadget Lurkers: CVE-2025-52565 & CVE-2025-52881: The second vulnerability, tracked as CVE-2025-52565, targets “/dev/console” bind-mount handling. An attacker can replace the target path with a symlink, which will cause runc to bind-mount the wrong target, allowing the attacker to gain write access to procfs paths.”As with CVE-2025-31133, this happens after pivot_root(2) and so cannot…
-
Monsta FTP Vulnerability Exposed Thousands of Servers to Full Takeover
Monsta FTP users must update now! A critical pre-authentication flaw (CVE-2025-34299) allows hackers to fully take over web servers. Patch to version 2.11.3 immediately. First seen on hackread.com Jump to article: hackread.com/monsta-ftp-flaw-web-servers-open-server-takeover/
-
Monsta FTP Vulnerability Exposed Thousands of Servers to Full Takeover
Monsta FTP users must update now! A critical pre-authentication flaw (CVE-2025-34299) allows hackers to fully take over web servers. Patch to version 2.11.3 immediately. First seen on hackread.com Jump to article: hackread.com/monsta-ftp-flaw-web-servers-open-server-takeover/
-
LangGraph Deserialization Flaw Enables Execution of Malicious Python Code
A critical remote code execution vulnerability has been discovered in LangGraph’s checkpoint serialization library, affecting versions before 3.0. The flaw resides in the JsonPlusSerializer component, which is the default serialization protocol used for all checkpointing operations. This vulnerability (CVE-2025-64439) allows attackers to execute arbitrary Python code during the deserialization of malicious payloads. Attribute Details CVE…
-
LangGraph Deserialization Flaw Enables Execution of Malicious Python Code
A critical remote code execution vulnerability has been discovered in LangGraph’s checkpoint serialization library, affecting versions before 3.0. The flaw resides in the JsonPlusSerializer component, which is the default serialization protocol used for all checkpointing operations. This vulnerability (CVE-2025-64439) allows attackers to execute arbitrary Python code during the deserialization of malicious payloads. Attribute Details CVE…
-
Hackers Abuse runc Tool to Escape Containers and Compromise Hosts
Three critical vulnerabilities in runc, the widely-used container runtime that powers Docker and Kubernetes, have been disclosed, allowing attackers to break out of container isolation and gain root access to host systems. The flaws, identified as CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881, were revealed by a SUSE researcher on November 5, 2025. CVE ID Affected Versions Fixed…
-
Hackers Abuse runc Tool to Escape Containers and Compromise Hosts
Three critical vulnerabilities in runc, the widely-used container runtime that powers Docker and Kubernetes, have been disclosed, allowing attackers to break out of container isolation and gain root access to host systems. The flaws, identified as CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881, were revealed by a SUSE researcher on November 5, 2025. CVE ID Affected Versions Fixed…