critical vulnerability

From Cyber Security News – CISA Warns of Cisco Smart Licensing Utility Credential Vulnerability Exploited in Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Cisco vulnerability to its Known Exploited Vulnerabilities (KEV) catalog following confirmation of active exploitation in the wild. The flaw,…

shaikh Saqib April 1, 2025

News

From Security Week – Critical Next.js Vulnerability in Hacker Crosshairs

[[{"value":"Threat actors have started probing servers impacted by a critical-severity vulnerability in the web application development framework Next.js. The post Critical Next.js Vulnerability in Hacker Crosshairs appeared first on SecurityWeek."}]] Read…

shaikh Saqib March 26, 2025

News

From The Hacker News – New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking

A critical security vulnerability has been disclosed in AMI's MegaRAC Baseboard Management Controller (BMC) software that could allow an attacker to bypass authentication and carry out post-exploitation actions. The vulnerability, tracked as CVE-2024-54085, carries a CVSS v4 score of 10.0, indicating maximum severity. "A local or remote attacker can exploit the vulnerability by accessing the

shaikh Saqib March 18, 2025

News

From Cyber Security News – Cisco Nexus Vulnerability Let Attackers Inject Malicious Commands

Cisco Systems has issued a critical security advisory addressing a command injection vulnerability in its Nexus 3000 and 9000 Series Switches operating in standalone NX-OS mode. Designated as CVE-2025-20161, the…

shaikh Saqib February 27, 2025

News

From The Hacker News – PolarEdge Botnet Exploits Cisco and Other Flaws to Hijack ASUS, QNAP, and Synology Devices

A new malware campaign has been observed targeting edge devices from Cisco, ASUS, QNAP, and Synology to rope them into a botnet named PolarEdge since at least the end of 2023. French cybersecurity company Sekoia said it observed the unknown threat actors leveraging CVE-2023-20118 (CVSS score: 6.5), a critical security flaw impacting Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and

shaikh Saqib February 27, 2025

Vulnerabilities

From Cybersecurity Help – Recently patched PAN OS firewall bug actively exploited in the wild

GreyNoise had detected exploit attempts originating from nearly 30 unique IP addresses. Read More

shaikh Saqib February 19, 2025

News

From Cyber Security News – IDOR Vulnerability in ExHub Let Attacker Modify Web Hosting Configuration

A critical Insecure Direct Object Reference (IDOR) vulnerability was recently discovered in ExHub, a cloud-based platform for hulia-based development. This flaw allowed attackers to modify web hosting configurations of any…

shaikh Saqib February 17, 2025