CVE-2025-20333, CVE-2025-20362 and CVE-2025-20363 affect multiple Cisco products, and are being exploited by a threat actor linked to the ArcaneDoor campaign. The post Threat Insights: Active Exploitation of Cisco ASA Zero Days appeared first on Unit 42.| Unit 42
Researchers said malicious activity dates back to early July and active exploitation was observed two months ago. The post Dozens of Oracle customers impacted by Clop data theft for extortion campaign appeared first on CyberScoop.| CyberScoop
What is CVE-2025-10035? A new critical vulnerability, CVE-2025-10035, has been disclosed in Fortra’s GoAnywhere MFT, a widely used managed file transfer solution. The flaw lies in the License Servlet and allows unauthenticated attackers to achieve remote code execution (RCE) through crafted license responses. The vendor has rated this vulnerability as Critical (CVSS 10.0) due to... The post CVE-2025-10035 Critical Remote Code Execution in Fortra GoAnywhere MFT appeared first on IONIX.| IONIX
Recently, CISA added a Chrome zero-day vulnerability, CVE-2025-10585, to its Known Exploited Vulnerabilities (KEV) Catalog, confirming that threat actors are actively exploiting this high-severity flaw in real-world attacks. This vulnerability affects multiple web browsers that utilize the Chromium engine, including Google Chrome, Microsoft Edge, Opera, and Brave. CISA strongly urges all organizations and individual users to prioritize […]| Qualys Security Blog
Today, the National Cyber Security Centre (NCSC) – part of GCHQ – issued further advice to help network defenders mitigate| Cyber Security News
A seemingly harmless message is broadcast across the galaxy, exploiting a zero-day vulnerability in every ship's logging system. The Atlas Monkey must race to create a patch before the entire fleet is compromised by this Log4Shell-style attack.| Seuros Blog - Navigation Logs from the Ruby Nebula
Overview: The IONIX research team is tracking CVE-2025-42944, an insecure deserialization vulnerability affecting SAP NetWeaver AS Java’s RMI-P4 module—a critical issue warranting immediate attention. CVE-2025-42944 is a textbook example of how insecure deserialization can escalate... The post CVE-2025-42944 — Insecure Deserialization in SAP NetWeaver appeared ...| IONIX
Summary: A critical Server-Side Request Forgery (SSRF) vulnerability—CVE-2025-8085—has been discovered in the popular WordPress plugin “Ditty (News Ticker & Display Items)” for versions prior to 3.1.58. The issue resides in the displayItems REST API endpoint (wp-json/dittyeditor/v1/displayItems), which lacks authentication and authorization, allowing unauthenticated attackers to force the server to fetch arbitrary URLs—internal or external—via crafted... The post Unauthenticated SS...| IONIX
Samsung’s September 2025 security updates for Android devices include a patch for a vulnerability that has been exploited in the wild.| SecurityWeek
Overview: A new critical vulnerability has been identified in FreePBX, the widely adopted open-source, web-based graphical user interface for managing Asterisk PBX systems. Tracked as CVE-2025-57819, this flaw affects FreePBX versions 15, 16, and 17 and enables unauthenticated attackers to bypass administrator login controls. Once inside, threat actors can perform SQL Injection attacks that lead... The post FreePBX Authentication Bypass Leading to SQL Injection and RCE (CVE-2025-57819) appeare...| IONIX
A zero-day vulnerability, CVE-2025-7775, has been disclosed in Citrix NetScaler ADC and Gateway appliances. This flaw is classified as a memory overflow vulnerability| IONIX
A critical remote code execution vulnerability, CVE-2025-54309, has been disclosed in CrushFTP, a popular managed file transfer (MFT) solution. This flaw allows unauthenticated remote attackers to gain full administrative access to vulnerable systems over HTTPS – without triggering authentication controls.| IONIX
Summertime isn't just for vacations and barbecues—it's also prime season for zero-day attacks. These attacks, launched by malicious actors exploiting previously unknown vulnerabilities in software, are a significant concern for national security and cybersecurity professionals.| MixMode
A severe zero-day vulnerability in Microsoft Windows, tracked as CVE-2024-38112, has been actively exploited by threat actors for at least 18 months. This security flaw in the Windows MSHTML Platform allows remote code execution, potentially compromising numerous organizations worldwide.| MixMode
A recent Washington Post report sent shockwaves through the cybersecurity landscape, revealing that Chinese government-backed hackers have infiltrated at least two major US internet service providers (ISPs) and several smaller ones.| MixMode