Category: Exploits

Three vulnerabilities in SMA 100 gateways could facilitate root RCE attacks, and one of the vulnerabilities has already been exploited in the wild.

Read more →

GUEST RESEARCH:  A persistent malvertising campaign is plaguing Facebook, leveraging the reputations of well-known cryptocurrency exchanges to lure victims into a maze of malware. Since Bitdefender Labs started investigating, this evolving threat has posed a serious risk by deploying cleverly disguised front-end scripts and custom payloads on users’ devices, all under the guise of legitimate…

Read more →

Researchers spot in-the-wild exploits of Samsung MagicInfo despite recent patch

Read more →

A second security flaw impacting the OttoKit (formerly SureTriggers) WordPress plugin has come under active exploitation in the wild. The vulnerability, tracked as CVE-2025-27007 (CVSS score: 9.8), is a privilege escalation bug impacting all versions of the plugin prior to and including version 1.0.82.  “This is due to the create_wp_connection() function missing a capability check…

Read more →

Cybersecurity researchers have disclosed multiple security flaw in the on-premise version of SysAid IT support software that could be exploited to achieve pre-authenticated remote code execution with elevated privileges. The vulnerabilities, tracked as CVE-2025-2775, CVE-2025-2776, and CVE-2025-2777, have all been described as XML External Entity (XXE) injections, which occur when an attacker is

Read more →

The US Cybersecurity and Infrastructure Security Agency (CISA) has evidence that a critical flaw fixed last month in Langflow is now being exploited the wild. The vulnerability, which can be exploited without authentication to remotely execute arbitrary code on servers was added to CISA’s known exploited vulnerabilities (KEV) catalog, signaling to government agencies and private…

Read more →

CISA added CVE-2025-34028 to its Known Exploited Vulnerabilities catalog, citing active attacks in the wild.

Read more →

Threat actors have been observed actively exploiting security flaws in GeoVision end-of-life (EoL) Internet of Things (IoT) devices to corral them into a Mirai botnet for conducting distributed denial-of-service (DDoS) attacks. The activity, first observed by the Akamai Security Intelligence and Response Team (SIRT) in early April 2025, involves the exploitation of two operating system…

Read more →

It wasn’t ransomware headlines or zero-day exploits that stood out most in this year’s Verizon 2025 Data Breach Investigations Report (DBIR) — it was what fueled them. Quietly, yet consistently, two underlying factors played a role in some of the worst breaches: third-party exposure and machine credential abuse. According to the 2025 DBIR, third-party involvement…

Read more →

Enterprises looking to stem the tide of breaches and attacks usually end up purchasing a threat intelligence platform (TIP). These can take one of several forms, including a managed cloud-based service or a tightly coupled tool collection that provides a wider risk management profile by tying together threat detection, incident response and vulnerability management. More…

Read more →

Google has released its monthly security updates for Android with fixes for 46 security flaws, including one vulnerability that it said has been exploited in the wild. The vulnerability in question is CVE-2025-27363 (CVSS score: 8.1), a high-severity flaw in the System component that could lead to local code execution without requiring any additional execution…

Read more →

A recently disclosed critical security flaw impacting the open-source Langflow platform has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), citing evidence of active exploitation. The vulnerability, tracked as CVE-2025-3248, carries a CVSS score of 9.8 out of a maximum of 10.0. “Langflow contains a…

Read more →

CISOs at retailers around the world should be tightening their defenses after several recent cyber attacks crippled shopping and supermarket chains in the UK. Those included successful attacks on retail chain Marks & Spencer and supermarket chain Co-op, and the attempted hack of high-end retailer Harrods. Over the weekend, the UK National Cyber Security Centre…

Read more →

Cybersecurity researchers have disclosed a series of now-patched security vulnerabilities in Apple’s AirPlay protocol that, if successfully exploited, could enable an attacker to take over susceptible devices supporting the proprietary wireless technology. The shortcomings have been collectively codenamed AirBorne by Israeli cybersecurity company Oligo. “These vulnerabilities can be chained by

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a maximum-severity security flaw impacting Commvault Command Center to its Known Exploited Vulnerabilities (KEV) catalog, a little over a week after it was publicly disclosed. The vulnerability in question is CVE-2025-34028 (CVSS score: 10.0), a path traversal bug that affects 11.38 Innovation Release, from versions

Read more →

The US Cybersecurity and Infrastructure Security Agency has added two flaws affecting SonicWall products to its catalog of Known Exploited Vulnerabilities

Read more →

As you walk around trying to avoid the 41,000 participants at RSA Conference in San Francisco, you become aware of the Waymo autonomous cars in the streets that always elicit an extra glance. Yes, there is no driver in that seat! Waymo cars aim to revolutionize transportation through fully autonomous driving technology that offers the…

Read more →

width=”1888″ height=”1062″ sizes=”(max-width: 1888px) 100vw, 1888px”>Hacker könnten über eine Schwachstelle im NetWeaver auf SAP-Systeme zugreifen, Schadcode einschleusen und so die Kontrolle übernehmen. TenPixels – shutterstock.com Angreifer nutzen seit dem 21. April 2025 eine kritische Zero-Day-Schwachstelle in der Visual Composer-Komponente des SAP NetWeaver Application Server aus. SAP hat bereits einen Out-of-Band-Fix veröffentlicht, der über das Support-Portal…

Read more →

Hacker zielen vermehrt auf KMUs und ihre Edge-Geräte und VPNs. PR Image Factory – shutterstock.com Cyberkriminelle bleiben einfallsreich und machen sich technische Neuerungen schnell sowie effektiv zu nutzen. Sowohl dadurch als auch durch eine gestiegene Sensibilität für vorhandene Angriffsvektoren bei möglichen Opfern ist ein verändertes Muster ihrer Attacken begründet. Im Data Breach Investigation Report (DBIR)…

Read more →

Zero-day vulnerabilities may have declined in 2024, but the number of flaws in enterprise products that didn’t have a patch at the time of exploitation is increasing, highlighting the increased focused attackers have in exploiting enterprise software and devices to achieve initial access to corporate networks. “While the historic focus on the exploitation of popular…

Read more →

Google has revealed that it observed 75 zero-day vulnerabilities exploited in the wild in 2024, down from 98 in 2023 but an increase from 63 the year before. Of the 75 zero-days, 44% of them targeted enterprise products. As many as 20 flaws were identified in security software and appliances. “Zero-day exploitation of browsers and…

Read more →

Google claims 19% more zero-day bugs were exploited in 2024 than 2022 as threat actors focus on security products

Read more →

The number of vulnerabilities exploited by attacks may not be growing these days, but they are increasingly affecting enterprise technologies.

Read more →

CISOs seeking insights into the latest cyberattack trends should note that cybercriminals’ initial access methods appear to be shifting, as data from both Verizon and Google-owned Mandiant underscored similar findings about intrusion techniques in separate reports. According to Mandiant, stolen credentials were responsible for more intrusions last year than phishing and were second only to…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two high-severity security flaws impacting Broadcom Brocade Fabric OS and Commvault Web Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerabilities in question are listed below – CVE-2025-1976 (CVSS score: 8.6) – A code injection…

Read more →

CVE-2025-31324 is a maximum severity bug that attackers exploited weeks before SAP released a patch for it.

Read more →

Threat actors have been observed exploiting two newly disclosed critical security flaws in Craft CMS in zero-day attacks to breach servers and gain unauthorized access. The attacks, first observed by Orange Cyberdefense SensePost on February 14, 2025, involve chaining the below vulnerabilities – CVE-2024-58136 (CVSS score: 9.0) – An improper protection of alternate path flaw…

Read more →

Reporting to the CFO instead of the CIO can help CISOs frame cybersecurity in business terms, position cybersecurity as more than a cost center, and reduce conflicts of interest between the CISO and CIO. This unlikely alliance is a way for CISOs to evolve from technical experts to strategic partners and broaden their influence. Daniel…

Read more →

GUEST RESEARCH:  Vulnerability exploitation surged as the initial access vector for 20% of breaches—a 34% increase year over year and now rivalling the top initial access vector (credential abuse), according to the newly released 2025 Verizon Data Breach Investigation Report (DBIR). To dig deep into this risk, Tenable contributed enriched data on the most exploited…

Read more →

Attackers have been exploiting a critical zero-day vulnerability in the Visual Composer component of the SAP NetWeaver application server since early this week. SAP released an out-of-band fix that’s available through its support portal and it should be applied immediately, especially on systems that are directly exposed to the internet. “Unauthenticated attackers can abuse built-in…

Read more →

A maximum severity flaw affecting SAP NetWeaver has been exploited by threat actors

Read more →

Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the goal of facilitating unauthorized file uploads and code execution.  “The exploitation is likely tied to either a previously disclosed vulnerability like CVE-2017-9844 or an unreported remote file inclusion (RFI) issue,” ReliaQuest said in a report published this…

Read more →

Third-party involvement in breaches and exploitation of vulnerabilities have become more important factors in security breaches, according to the latest edition of Verizon’s Data Breach Investigation Report (DBIR). An analysis of 22,000 security incidents, including 12,195 confirmed data breaches in 139 countries, found that credential abuse (22%) and exploitation of vulnerabilities (20%, up from 14.9%…

Read more →

Cybersecurity researchers have disclosed three security flaws in the Rack Ruby web server interface that, if successfully exploited, could enable attackers to gain unauthorized access to files, inject malicious data, and tamper with logs under certain conditions. The vulnerabilities, flagged by cybersecurity vendor OPSWAT, are listed below – CVE-2025-27610 (CVSS score: 7.5) – A path…

Read more →

Cybersecurity researchers are warning about a new malware called DslogdRAT that’s installed following the exploitation of a now-patched security flaw in Ivanti Connect Secure (ICS). The malware, along with a web shell, were “installed by exploiting a zero-day vulnerability at that time, CVE-2025-0282, during attacks against organizations in Japan around December 2024,” JPCERT/CC researcher Yuma

Read more →

As many as 159 CVE identifiers have been flagged as exploited in the wild in the first quarter of 2025, up from 151 in Q4 2024. “We continue to see vulnerabilities being exploited at a fast pace with 28.3% of vulnerabilities being exploited within 1-day of their CVE disclosure,” VulnCheck said in a report shared…

Read more →

Despite successful operations against ransomware gangs in 2024, ransomware was still the most pervasive threat to critical infrastructure in the US last year, according to the FBI’s latest Internet Crime Report. The agency received more than 4,800 cyber threat complaints from critical infrastructure firms in 2024, with the most reported incidents from those providers dealing…

Read more →

After a 180% rise in last year’s report, the exploitation of vulnerabilities continues to grow, now accounting for 20% of all breaches

Read more →

Phishing attacks remain a huge challenge for organizations in 2025. In fact, with attackers increasingly leveraging identity-based techniques over software exploits, phishing arguably poses a bigger threat than ever before.  Attackers are increasingly leveraging identity-based techniques over software exploits, with phishing and stolen credentials (a byproduct of phishing) now the primary

Read more →

A proof-of-concept (PoC) attack vector exploits two Azure authentication tokens from within a browser, giving threat actors persistent access to key cloud services, including Microsoft 365 applications.

Read more →