Vulnerabilities

Google Fixes 107 Android Flaws Including Two Actively Exploited Framework Bugs

Google has released its latest monthly security updates for the Android operating system, delivering fixes for 107 vulnerabilities found across key system components. The update covers issues in Framework, System, Kernel, and modules from Arm, Imagination Technologies, MediaTek, Qualcomm, and Unison. Two High Severity Bugs Exploited in Real World Attacks The company confirmed that two […]

Google Fixes 107 Android Flaws Including Two Actively Exploited Framework Bugs Read More »

CISA adds actively exploited XSS flaw CVE-2021-26829 in OpenPLC ScadaBR to KEV list

The United States Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) catalog by adding a  cross-site scripting flaw that affects OpenPLC ScadaBR on both Windows and Linux systems. The decision follows confirmed evidence that the vulnerability is being actively used by attackers. The flaw, tracked as CVE-2021-26829  with a CVSS

CISA adds actively exploited XSS flaw CVE-2021-26829 in OpenPLC ScadaBR to KEV list Read More »

Legacy Python bootstrap scripts create domain takeover risk in several PyPI packages

Cybersecurity researchers have identified insecure legacy code inside several Python packages that could allow attackers to compromise the Python Package Index (PyPI) through a domain takeover scenario. ReversingLabs reported that the issue originates from old bootstrap scripts associated with a build and deployment tool known as zc.buildout. According to researcher Vladimir Pezo, these bootstrap files

Legacy Python bootstrap scripts create domain takeover risk in several PyPI packages Read More »

Microsoft to block unauthorized scripts in Entra ID logins with 2026 CSP update

Microsoft has announced a major update to strengthen the security of Entra ID authentication. Starting in October 2026, the company will block unauthorized script injection attacks through a revised Content Security Policy (CSP) for its login platform. Enhanced Security for Entra ID Sign-Ins The CSP update will focus on the sign-in experience at login.microsoftonline[.]com, allowing

Microsoft to block unauthorized scripts in Entra ID logins with 2026 CSP update Read More »

ShadowPad Malware Exploits a WSUS Vulnerability to Gain Full System Access

A recently addressed security flaw in Microsoft Windows Server Update Services, also known as WSUS, is being actively abused by attackers to deploy the advanced ShadowPad malware. According to a report from the AhnLab Security Intelligence Center, the threat actors used CVE 2025 59287 as the initial entry point into targeted Windows servers. Attackers Use

ShadowPad Malware Exploits a WSUS Vulnerability to Gain Full System Access Read More »

New Fluent Bit Vulnerabilities Expose Cloud Systems to RCE and Stealthy Infrastructure Intrusions

Cybersecurity analysts have identified five significant vulnerabilities in Fluent Bit, a widely used open source telemetry agent. These flaws can be combined to compromise cloud environments and potentially give attackers full control over infrastructure. Oligo Security shared the findings, noting that the weaknesses allow authentication bypass, path traversal, remote code execution, service disruption, and tag

New Fluent Bit Vulnerabilities Expose Cloud Systems to RCE and Stealthy Infrastructure Intrusions Read More »

Critical Azure Bastion Flaw Allowed Attackers to Bypass Authentication and Escalate Privileges

A newly identified flaw in Azure Bastion, tracked as CVE 2025 49752, presents a serious security risk for organizations depending on the service for secure remote access. The vulnerability allows remote attackers to bypass authentication controls and escalate privileges to the administrative level. Since Azure Bastion is widely used to manage cloud based virtual machines,

Critical Azure Bastion Flaw Allowed Attackers to Bypass Authentication and Escalate Privileges Read More »

CISA Alerts on a Critical Oracle Identity Manager Zero Day Vulnerability That Is Being Actively Exploited

The United States Cybersecurity and Infrastructure Security Agency (CISA) has added a newly discovered critical flaw in Oracle Identity Manager to its Known Exploited Vulnerabilities (KEV) catalog. The agency confirmed that the vulnerability is currently being exploited in real world attacks. The flaw is tracked as CVE 2025 61757 with a CVSS score of 9.8.

CISA Alerts on a Critical Oracle Identity Manager Zero Day Vulnerability That Is Being Actively Exploited Read More »

WrtHug Uses Six ASUS WRT Vulnerabilities to Hijack Tens of Thousands of End of Life Routers Worldwide

A large scale cyber campaign has been uncovered in which tens of thousands of outdated or end of life ASUS routers have been compromised across several regions, mainly Taiwan, the United States, and Russia. SecurityScorecard’s STRIKE team has named this global activity Operation WrtHug. The attackers are using old and vulnerable devices to create a

WrtHug Uses Six ASUS WRT Vulnerabilities to Hijack Tens of Thousands of End of Life Routers Worldwide Read More »

Hackers Are Actively Exploiting a 7 Zip Symbolic Link Based RCE Vulnerability CVE 2025 11001

A critical security flaw affecting 7-Zip, tracked as CVE-2025-11001, is currently being actively exploited in the wild. The issue allows remote code execution via symbolic links in ZIP archives and impacts versions prior to 25.00, which was released in July 2025. Details of the Vulnerability The vulnerability arises from improper handling of symbolic links in

Hackers Are Actively Exploiting a 7 Zip Symbolic Link Based RCE Vulnerability CVE 2025 11001 Read More »