Overview: A new critical vulnerability has been identified in FreePBX, the widely adopted open-source, web-based graphical user interface for managing Asterisk PBX systems. Tracked as CVE-2025-57819, this flaw affects FreePBX versions 15, 16, and 17 and enables unauthenticated attackers to bypass administrator login controls. Once inside, threat actors can perform SQL Injection attacks that lead... The post FreePBX Authentication Bypass Leading to SQL Injection and RCE (CVE-2025-57819) appeare...| IONIX
A zero-day vulnerability, CVE-2025-7775, has been disclosed in Citrix NetScaler ADC and Gateway appliances. This flaw is classified as a memory overflow vulnerability| IONIX
Description of CVEs 2025‑54253 and 2025‑54254: Adobe Experience Manager (AEM) Forms on Java Enterprise Edition (JEE) is affected by two critical vulnerabilities, CVE‑2025‑54253 and CVE‑2025‑54254, disclosed in early August 2025. According to Adobe, both flaws carry public proof-of-concept (PoC) exploits, though there are no known in-the-wild attacks as of today. Exploit Methods: CVE‑2025‑54253 – Misconfiguration leading... The post CVE‑2025‑54253 & CVE‑2025‑54254 in Adobe ...| IONIX
UPDATE: July 22. In an industry-first exploit validation, the IONIX Research Team has successfully reproduced a working exploit for CVE-2025-53770 — a critical deserialization of untrusted data vulnerability in on-premises Microsoft SharePoint Server. This flaw is currently being exploited in the wild, enabling unauthenticated remote code execution across organizational environments. The IONIX platform has been updated... The post Microsoft SharePoint CVE-2025-53770: Actively Exploited Remote...| IONIX
A critical remote code execution vulnerability, CVE-2025-54309, has been disclosed in CrushFTP, a popular managed file transfer (MFT) solution. This flaw allows unauthenticated remote attackers to gain full administrative access to vulnerable systems over HTTPS – without triggering authentication controls.| IONIX
Summertime isn't just for vacations and barbecues—it's also prime season for zero-day attacks. These attacks, launched by malicious actors exploiting previously unknown vulnerabilities in software, are a significant concern for national security and cybersecurity professionals.| MixMode
A severe zero-day vulnerability in Microsoft Windows, tracked as CVE-2024-38112, has been actively exploited by threat actors for at least 18 months. This security flaw in the Windows MSHTML Platform allows remote code execution, potentially compromising numerous organizations worldwide.| MixMode
A recent Washington Post report sent shockwaves through the cybersecurity landscape, revealing that Chinese government-backed hackers have infiltrated at least two major US internet service providers (ISPs) and several smaller ones.| MixMode
The Lazarus Group is back with an upgraded variant of their FudModule rootkit, this time enabled by a zero-day admin-to-kernel vulnerability for CVE-2024-21338. Read this blog for a detailed analysis of this rootkit variant and learn more about several new techniques, including a handle table entry manipulation technique that directly targets Microsoft Defender, CrowdStrike Falcon, and HitmanPro. The post Lazarus and the FudModule Rootkit: Beyond BYOVD with an Admin-to-Kernel Zero-Day appeare...| Avast Threat Labs