Vulnerabilities

ShadowPad Malware Exploits a WSUS Vulnerability to Gain Full System Access

A recently addressed security flaw in Microsoft Windows Server Update Services, also known as WSUS, is being actively abused by attackers to deploy the advanced ShadowPad malware. According to a report from the AhnLab Security Intelligence Center, the threat actors used CVE 2025 59287 as the initial entry point into targeted Windows servers. Attackers Use […]

ShadowPad Malware Exploits a WSUS Vulnerability to Gain Full System Access Read More »

New Fluent Bit Vulnerabilities Expose Cloud Systems to RCE and Stealthy Infrastructure Intrusions

Cybersecurity analysts have identified five significant vulnerabilities in Fluent Bit, a widely used open source telemetry agent. These flaws can be combined to compromise cloud environments and potentially give attackers full control over infrastructure. Oligo Security shared the findings, noting that the weaknesses allow authentication bypass, path traversal, remote code execution, service disruption, and tag

New Fluent Bit Vulnerabilities Expose Cloud Systems to RCE and Stealthy Infrastructure Intrusions Read More »

Critical Azure Bastion Flaw Allowed Attackers to Bypass Authentication and Escalate Privileges

A newly identified flaw in Azure Bastion, tracked as CVE 2025 49752, presents a serious security risk for organizations depending on the service for secure remote access. The vulnerability allows remote attackers to bypass authentication controls and escalate privileges to the administrative level. Since Azure Bastion is widely used to manage cloud based virtual machines,

Critical Azure Bastion Flaw Allowed Attackers to Bypass Authentication and Escalate Privileges Read More »

CISA Alerts on a Critical Oracle Identity Manager Zero Day Vulnerability That Is Being Actively Exploited

The United States Cybersecurity and Infrastructure Security Agency (CISA) has added a newly discovered critical flaw in Oracle Identity Manager to its Known Exploited Vulnerabilities (KEV) catalog. The agency confirmed that the vulnerability is currently being exploited in real world attacks. The flaw is tracked as CVE 2025 61757 with a CVSS score of 9.8.

CISA Alerts on a Critical Oracle Identity Manager Zero Day Vulnerability That Is Being Actively Exploited Read More »

WrtHug Uses Six ASUS WRT Vulnerabilities to Hijack Tens of Thousands of End of Life Routers Worldwide

A large scale cyber campaign has been uncovered in which tens of thousands of outdated or end of life ASUS routers have been compromised across several regions, mainly Taiwan, the United States, and Russia. SecurityScorecard’s STRIKE team has named this global activity Operation WrtHug. The attackers are using old and vulnerable devices to create a

WrtHug Uses Six ASUS WRT Vulnerabilities to Hijack Tens of Thousands of End of Life Routers Worldwide Read More »

Hackers Are Actively Exploiting a 7 Zip Symbolic Link Based RCE Vulnerability CVE 2025 11001

A critical security flaw affecting 7-Zip, tracked as CVE-2025-11001, is currently being actively exploited in the wild. The issue allows remote code execution via symbolic links in ZIP archives and impacts versions prior to 25.00, which was released in July 2025. Details of the Vulnerability The vulnerability arises from improper handling of symbolic links in

Hackers Are Actively Exploiting a 7 Zip Symbolic Link Based RCE Vulnerability CVE 2025 11001 Read More »

Fortinet Alerts Users About FortiWeb CVE 2025 58034 Vulnerability Now Being Actively Exploited

Fortinet has issued an important warning regarding a newly discovered security flaw in its FortiWeb product. The vulnerability, identified as CVE 2025 58034, has already been exploited in real world attacks, raising concerns for organizations that rely on FortiWeb for application security. About the Vulnerability This flaw is rated as medium severity and has a

Fortinet Alerts Users About FortiWeb CVE 2025 58034 Vulnerability Now Being Actively Exploited Read More »

Now Patched Fortinet FortiWeb Vulnerability Exploited to Create Unauthorized Admin Accounts

Security researchers have raised alarms over a critical authentication bypass vulnerability in Fortinet FortiWeb Web Application Firewall (WAF). Exploiting this flaw allows attackers to take control of admin accounts, potentially compromising the entire device. Vulnerability Overview According to watchTowr, active exploitation of a vulnerability patched silently in FortiWeb version 8.0.2 has been observed in the

Now Patched Fortinet FortiWeb Vulnerability Exploited to Create Unauthorized Admin Accounts Read More »

Researchers Discover Critical AI Bugs Affecting Meta, Nvidia, and Microsoft Inference Frameworks

Cybersecurity researchers have identified critical remote code execution (RCE) vulnerabilities impacting major AI inference frameworks, including those maintained by Meta, Nvidia, Microsoft, and open-source projects like vLLM and SGLang. These flaws, collectively termed the ShadowMQ pattern, stem from unsafe deserialization of Python objects over ZeroMQ (ZMQ) sockets. Root Cause: Unsafe Deserialization According to Avi Lumelsky

Researchers Discover Critical AI Bugs Affecting Meta, Nvidia, and Microsoft Inference Frameworks Read More »

CISA Warns of Critical WatchGuard Fireware Vulnerability Exposing 54,000 Fireboxes to Unauthenticated Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert, adding a severe vulnerability found in WatchGuard Fireware to its Known Exploited Vulnerabilities (KEV) catalog after confirming active exploitation in the wild. The flaw, tracked as CVE-2025-9242 with a CVSS score of 9.3, is an out-of-bounds write vulnerability affecting the following Fireware

CISA Warns of Critical WatchGuard Fireware Vulnerability Exposing 54,000 Fireboxes to Unauthenticated Attacks Read More »