Tag: vulnerability
-
U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: Cisco reported a December 10 campaign…
-
More than half of public vulnerabilities bypass leading WAFs
Miggo Security has released a new report that examines how web application firewalls are used across real-world security programs. The research outlines the role WAFs play as … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/18/miggo-research-waf-vulnerability-bypass/
-
Hackers Actively Exploit SonicWall SMA1000 Zero-Day to Escalate Privileges
SonicWall has issued an urgent security advisory warning of active exploitation of a local privilege escalation vulnerability affecting its SMA1000 appliances. The flaw, tracked as CVE-2025-40602, enables attackers with management console access to gain elevated privileges and potentially achieve complete system control. The vulnerability stems from insufficient authorization checks in the SonicWall SMA1000 Appliance Management…
-
Critical Apache Commons Text Flaw Lets Hackers Execute Remote Code
A critical remote code execution vulnerability has been discovered in Apache Commons Text, affecting all versions prior to 1.10.0. The flaw, tracked as CVE-2025-46295, poses a significant security risk to organizations relying on the widely-used Java library for text manipulation and processing. The vulnerability resides in Apache Commons Text’s interpolation features, which are designed to…
-
Critical Apache Commons Text Flaw Lets Hackers Execute Remote Code
A critical remote code execution vulnerability has been discovered in Apache Commons Text, affecting all versions prior to 1.10.0. The flaw, tracked as CVE-2025-46295, poses a significant security risk to organizations relying on the widely-used Java library for text manipulation and processing. The vulnerability resides in Apache Commons Text’s interpolation features, which are designed to…
-
Cisco Warns of Active Cyberattack Exploiting Critical AsyncOS Vulnerability
Cisco has identified an ongoing cyberattack campaign exploiting vulnerabilities in a subset of its appliances running Cisco AsyncOS Software. The attack specifically affects Cisco Secure Email Gateway and Cisco Secure Email and Web Manager appliances, allowing threat actors to execute arbitrary commands with root privileges. This campaign has been tracked under CVE-2025-20393 and has been classified as critical with a CVSS 10.0 rating. First seen on thecyberexpress.com…
-
Critical Node.js Library Flaw Lets Hackers Execute Remote Commands on Windows
A severe command injection vulnerability has been discovered in systeminformation, a widely-used Node.js library for retrieving system information. The flaw, tracked as CVE-2025-68154, allows attackers to execute arbitrary commands on Windows systems when applications pass user input to the vulnerable function. The vulnerability exists in the fsSize() function, which retrieves disk space information but fails…
-
Cisco AsyncOS 0-Day Allows Remote Execution of System Commands
Cisco Talos has uncovered an active campaign exploiting a zero-day vulnerability in Cisco AsyncOS Software, affecting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. The security flaw enables attackers to execute system-level commands remotely and deploy sophisticated backdoors on compromised systems. The threat actor behind this campaign, tracked as UAT-9686, is assessed…
-
Cisco AsyncOS 0-Day Allows Remote Execution of System Commands
Cisco Talos has uncovered an active campaign exploiting a zero-day vulnerability in Cisco AsyncOS Software, affecting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. The security flaw enables attackers to execute system-level commands remotely and deploy sophisticated backdoors on compromised systems. The threat actor behind this campaign, tracked as UAT-9686, is assessed…
-
CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, malicious, supply-chain, update, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting ASUS Live Update to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The vulnerability, tracked as CVE-2025-59374 (CVSS score: 9.3), has been described as an “embedded malicious code vulnerability” introduced by means of a supply chain compromise First…
-
CVE-2025-40602: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Exploited
Tags: access, advisory, attack, authentication, control, cve, cyber, data, exploit, firewall, flaw, injection, international, mobile, ransomware, sql, vulnerability, zero-dayA zero-day vulnerability in SonicWall’s Secure Mobile Access (SMA) 1000 was reportedly exploited in the wild in a chained attack with CVE-2025-23006. Key takeaways: CVE-2025-40602 is a local privilege escalation vulnerability in the appliance management console (AMC) of the SonicWall SMA 1000 appliance. CVE-2025-40602 has been exploited in a chained attack with CVE-2025-23006, a deserialization…
-
Microsoft warns MSMQ may fail after update, breaking apps
MSMQ becoming inactive;Internet Information Services (IIS) sites failing with “Insufficient resources to perform operation” errors;applications unable to write to queues;errors such as “The message file ‘C:\Windows\System32\msmq\storage*.mq’ cannot be created” when creating message files;misleading log entries such as “There is insufficient disk space or memory”, despite sufficient disk space and memory being available.Affected are servers running…
-
‘Ink Dragon’ threat group targets IIS servers to build stealthy global network
Tags: access, attack, china, control, credentials, data, exploit, firewall, government, group, infrastructure, intelligence, microsoft, network, office, threat, vulnerability, wafmodus operandi to several other Chinese threat groups engaged in nation-state surveillance, such as UNC6384, whose campaigns targeted European diplomats.However, during a recent investigation at the office of a European government, Check Point said it had discovered that the group has now pivoted towards what it called “an unusually sophisticated playbook” with longer term goals.Key…
-
React2Shell fallout spreads to sensitive targets as public exploits hit all-time high
Attacker interest in the vulnerability is magnified by an unparalleled number of publicly available exploits, earning the defect the highest verified public exploit count of any CVE ever. First seen on cyberscoop.com Jump to article: cyberscoop.com/react2shell-vulnerability-fallout-spreads/
-
Zeroday Cloud hacking event awards $320,0000 for 11 zero days
The Zeroday Cloud hacking competition in London has awarded researchers $320,000 for demonstrating critical remote code execution vulnerabilities in components used in cloud infrastructure. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/zeroday-cloud-hacking-event-awards-320-0000-for-11-zero-days/
-
Exploited SonicWall zero-day patched (CVE-2025-40602)
SonicWall has patched a local privilege escalation vulnerability (CVE-2025-40602) affecting its Secure Mobile Access (SMA) 1000 appliances and is urging customers to apply the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/17/sonicwall-cve-2025-40602/
-
Cisco, SonicWall Disclose New Attacks Exploiting Zero-Day Flaws
Zero-day vulnerabilities in Cisco and SonicWall products have been exploited in new cyberattack campaigns, the vendors disclosed Wednesday. First seen on crn.com Jump to article: www.crn.com/news/security/2025/cisco-sonicwall-disclose-new-attacks-exploiting-zero-day-flaws
-
Libbiosig, Grassroot DiCoM, Smallstep step-ca vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed vulnerabilities in Biosig Project Libbiosig, Grassroot DiCoM, and Smallstep step-ca.The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy, except for Grassroot, as the First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/libbiosig-grassroot-dicom-smallstep-step-ca-vulnerabilities/
-
Complying with the Monetary Authority of Singapore’s Cloud Advisory: How Tenable Can Help
Tags: access, advisory, attack, authentication, best-practice, business, cloud, compliance, container, control, country, credentials, cyber, cybersecurity, data, data-breach, finance, fintech, framework, google, governance, government, iam, identity, incident response, infrastructure, intelligence, Internet, kubernetes, least-privilege, malicious, malware, mfa, microsoft, mitigation, monitoring, oracle, regulation, resilience, risk, risk-assessment, risk-management, service, software, strategy, technology, threat, tool, vulnerability, vulnerability-management, zero-trustThe Monetary Authority of Singapore’s cloud advisory, part of its 2021 Technology Risk Management Guidelines, advises financial institutions to move beyond siloed monitoring to adopt a continuous, enterprise-wide approach. These firms must undergo annual audits. Here’s how Tenable can help. Key takeaways: High-stakes compliance: The MAS requires all financial institutions in Singapore to meet mandatory…
-
When Zero-Days Go Active: What Ongoing Windows, Chrome, and Apple Exploits Reveal About Modern Intrusion Risk
A series of actively exploited zero-day vulnerabilities affecting Windows, Google Chrome, and Apple platforms was disclosed in mid-December, according to The Hacker News, reinforcing a persistent reality for defenders: attackers no longer wait for exposure windows to close. They exploit them immediately. Unlike large-scale volumetric attacks that announce themselves through disruption, zero-day exploitation operates quietly.…
-
FTC orders crypto platform Nomad to distribute $37.5 million after 2022 theft
Under a settlement with the FTC, the Nomad platform will have to redistribute stolen funds that white-hat hackers returned to the company after thieves aggressively exploited a vulnerability in 2022. First seen on therecord.media Jump to article: therecord.media/ftc-settlement-nomad-platform-return-customers-cryptocurrency
-
SonicWall warns of actively exploited flaw in SMA 100 AMC
SonicWall warned users to patch a SMA1000 AMC flaw that was exploited as a zero-day privilege escalation vulnerability in attacks. SonicWall urged customers to address a vulnerability, tracked as CVE-2025-40602, in the SMA1000 Appliance Management Console that was exploited as a zero-day in attacks in the wild. The flaw is a local privilege escalation issue…
-
SonicWall warns of actively exploited flaw in SMA 100 AMC
SonicWall warned users to patch a SMA1000 AMC flaw that was exploited as a zero-day privilege escalation vulnerability in attacks. SonicWall urged customers to address a vulnerability, tracked as CVE-2025-40602, in the SMA1000 Appliance Management Console that was exploited as a zero-day in attacks in the wild. The flaw is a local privilege escalation issue…
-
Microsoft Desktop Window Manager Flaw Allows Privilege Escalation
A critical vulnerability has been discovered in the Windows Desktop Window Manager (DWM) that could allow attackers to escalate privileges to system level. The flaw, tracked as CVE-2025-55681, resides in the dwmcore.dll component and was disclosed during the TyphoonPWN Windows security competition, where it earned second place recognition. The Vulnerability The vulnerability exists within the CBrushRenderingGraphBuilder::AddEffectBrush function in the DWM…
-
Hackers Can Seize Control of Car Dashboards Through Modem Vulnerabilities
Imagine cruising down the highway in your brand-new electric car when suddenly the multimedia display fills with Doom, the iconic 3D shooter game completely replacing your navigation map and vehicle controls. Shockingly, this isn’t science fiction. Security researchers have demonstrated that this scenario is entirely possible in today’s connected vehicles, exposing a critical vulnerability in…
-
Nagios XI 2026R1.1 Released to Patch Privilege Escalation Vulnerability
Nagios has released version 2026R1.1 to address a critical privilege escalation vulnerability affecting earlier versions of its monitoring platform. The flaw, tracked as CVE-2025-34288, poses a significant risk to enterprise infrastructure by enabling local attackers to execute arbitrary code with root privileges. Vulnerability Details The vulnerability stems from an unsafe interaction between sudo permissions and…