Vulnerabilities

SonicWall Patches Actively Exploited CVE-2025-40602 in SMA 100 Appliances

SonicWall has released security updates to address an actively exploited vulnerability affecting its Secure Mobile Access SMA 100 series appliances. The company confirmed that the flaw has been observed in real world attacks, prompting an urgent call for customers to apply the available fixes. The issue, tracked as CVE-2025-40602 with a CVSS score of 6.6, […]

SonicWall Patches Actively Exploited CVE-2025-40602 in SMA 100 Appliances Read More »

Fortinet FortiGate Under Active Attack via SAML SSO Authentication Bypass

Cybersecurity researchers have confirmed active attacks on Fortinet FortiGate devices exploiting two recently disclosed authentication vulnerabilities, less than a week after they were made public. Arctic Wolf, a cybersecurity firm, reported observing malicious single sign-on (SSO) login attempts on FortiGate appliances on December 12, 2025. The attacks target two critical authentication bypass flaws, tracked as

Fortinet FortiGate Under Active Attack via SAML SSO Authentication Bypass Read More »

FreePBX Fixes Critical SQL Injection, File Upload, and AUTHTYPE Bypass Flaws Leading to RCE

Cybersecurity researchers have revealed multiple serious security flaws in the open source PBX platform FreePBX, including issues that could allow attackers to bypass authentication and achieve remote code execution under specific configurations. The vulnerabilities were identified by researchers at Horizon3.ai and responsibly disclosed to the FreePBX maintainers on September 15, 2025. According to the findings,

FreePBX Fixes Critical SQL Injection, File Upload, and AUTHTYPE Bypass Flaws Leading to RCE Read More »

VolkLocker Ransomware Exposed After Hard Coded Master Key Enables Free Decryption

Cybersecurity researchers have exposed a critical design flaw in a new ransomware strain called VolkLocker, allowing victims to recover their files without paying a ransom. The malware is operated by the pro Russian hacktivist group CyberVolk, also known as GLORIAMIST, and is offered under a ransomware as a service model. The weakness lies in poor

VolkLocker Ransomware Exposed After Hard Coded Master Key Enables Free Decryption Read More »

CISA Adds Actively Exploited Sierra Wireless Router Flaw Allowing RCE Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high severity flaw affecting Sierra Wireless AirLink ALEOS routers to its Known Exploited Vulnerabilities (KEV) catalog after reports of active exploitation. The vulnerability, tracked as CVE-2018-4063, allows remote code execution (RCE) through a specially crafted HTTP request. CVE-2018-4063 Overview The vulnerability involves an unrestricted

CISA Adds Actively Exploited Sierra Wireless Router Flaw Allowing RCE Attacks Read More »

New React RSC Vulnerabilities Allow DoS Attacks and Source Code Exposure

The React development team has released security updates addressing two newly identified classes of vulnerabilities in React Server Components (RSC). If exploited, these weaknesses could allow attackers to trigger denial of service conditions or expose application source code, expanding the risk surface for environments already under pressure from recent React-related flaws. According to the React

New React RSC Vulnerabilities Allow DoS Attacks and Source Code Exposure Read More »

Unpatched Gogs Zero Day Actively Exploited Across More Than 700 Instances

A newly discovered and unpatched security vulnerability in Gogs is being actively exploited in the wild, with more than 700 compromised instances currently accessible over the internet. The findings were disclosed by Wiz following an investigation into a real world malware incident. The vulnerability, tracked as CVE-2025-8110 with a CVSS score of 8.7, affects the

Unpatched Gogs Zero Day Actively Exploited Across More Than 700 Instances Read More »

Active Attacks Abuse Gladinet Hard Coded Keys to Gain Unauthorized Access and Execute Code

Cybersecurity researchers are warning of ongoing attacks targeting Gladinet CentreStack and Triofox deployments, where threat actors are actively exploiting a weakness caused by hard coded cryptographic keys. According to new findings from Huntress, at least nine organizations have already been impacted. Security researcher Bryan Masters explained that the flaw allows attackers to access sensitive configuration

Active Attacks Abuse Gladinet Hard Coded Keys to Gain Unauthorized Access and Execute Code Read More »

.NET SOAPwn Flaw Enables File Writes and Remote Code Execution Through Rogue WSDL

Cybersecurity researchers have revealed a serious exploitation technique affecting enterprise applications built on the .NET ecosystem, enabling attackers to perform arbitrary file writes and potentially achieve remote code execution. The research was conducted by WatchTowr Labs, which internally named the issue SOAPwn. According to the researchers, the flaw stems from how certain .NET components process

.NET SOAPwn Flaw Enables File Writes and Remote Code Execution Through Rogue WSDL Read More »

WinRAR Vulnerability CVE-2025-6218 Actively Targeted by Multiple Threat Groups

A newly disclosed security flaw in WinRAR has been added to the U S Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) catalog after investigators confirmed that threat actors are actively abusing it. The flaw, tracked as CVE-2025-6218 with a severity score of 7 point 8, is a path traversal issue that can

WinRAR Vulnerability CVE-2025-6218 Actively Targeted by Multiple Threat Groups Read More »