proof-of-concept exploit

Vulnerabilities

From Cybersecurity Help – Surge in attacks targeting Palo Alto networks gateways observed

The activity began on March 17, 2025, and persisted at a rate of nearly 20,000 unique IP addresses per day. Read More

Samir K April 1, 2025

News

From Security Week – Critical Next.js Vulnerability in Hacker Crosshairs

[[{"value":"Threat actors have started probing servers impacted by a critical-severity vulnerability in the web application development framework Next.js. The post Critical Next.js Vulnerability in Hacker Crosshairs appeared first on SecurityWeek."}]] Read…

shaikh Saqib March 26, 2025

News

From Cyber Security News – Critical Apache Tomcat RCE Vulnerability Exploited in Just 30hrs of Public Exploit

Security researchers have confirmed that a critical remote code execution (RCE) vulnerability in Apache Tomcat, tracked as CVE-2025-24813, is being actively exploited in the wild. The vulnerability, which enables attackers…

shaikh Saqib March 18, 2025

News

From The Hacker News – Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure

A recently disclosed security flaw impacting Apache Tomcat has come under active exploitation in the wild following the release of a public proof-of-concept (PoC) a mere 30 hours after public disclosure. The vulnerability, tracked as CVE-2025-24813, affects the below versions - Apache Tomcat 11.0.0-M1 to 11.0.2 Apache Tomcat 10.1.0-M1 to 10.1.34 Apache Tomcat 9.0.0-M1 to 9.0.98 It concerns a

shaikh Saqib March 17, 2025

News

From Cyber Security News – HiveOS Vulnerabilities Let Attackers Execute Arbitrary Commands

Security researchers have uncovered three critical vulnerabilities in Extreme Networks’ IQ Engine (HiveOS) that collectively enable authenticated attackers to escalate privileges, decrypt passwords, and execute arbitrary commands on affected systems. …

shaikh Saqib March 3, 2025

News

From Cyber Security News – Critical MITRE Caldera Vulnerability Let Attackers Execute Remote Code – PoC Released

A critical remote code execution (RCE) vulnerability (CVE-2025–27364) has been identified in all versions of MITRE Caldera prior to commit 35bc06e, exposing systems to potential compromise via unauthenticated attackers. The…

shaikh Saqib February 25, 2025

News

From The Hacker News – CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Palo Alto Networks PAN-OS and SonicWall SonicOS SSLVPN to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The flaws are listed below - CVE-2025-0108 (CVSS score: 7.8) - An authentication bypass vulnerability in the Palo Alto Networks PAN-OS

shaikh Saqib February 19, 2025

News

From Cyber Security News – CISA Warns of Palo Alto PAN-OS Vulnerability Actively Exploited in the Wild

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding actively exploiting a high-severity authentication bypass vulnerability (CVE-2025-0108) in Palo Alto Networks PAN-OS, the operating system powering…

shaikh Saqib February 19, 2025