Posted inNews
From Dark Reading – Google Hastily Patches Chrome Zero-Day Exploited by APT
Researchers at Kaspersky discovered cyber-espionage activity that used the vulnerability in a one-click phishing attack to deliver malware. Read More
Posted inNews
From Cyber Security News – Google Chrome Zero-day Vulnerability Exploited by Hackers in the Wild
Google has released an urgent security update for its Chrome browser after cybersecurity researchers at Kaspersky discovered a zero-day vulnerability being actively exploited by sophisticated threat actors. The vulnerability, identified…
Posted inNews
From The Hacker News – Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks
Google has released out-of-band fixes to address a high-severity security flaw in its Chrome browser for Windows that it said has been exploited in the wild as part of attacks targeting organizations in Russia.
The vulnerability, tracked as CVE-2025-2783, has been described as a case of "incorrect handle provided in unspecified circumstances in Mojo on Windows." Mojo refers to a
Posted inNews
From Security Week – Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky
[[{"value":"The vulnerability, tracked as CVE-2025-2783, was chained with a second exploit for remote code execution in attacks in Russian. The post Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky…
Posted inNews
From Cyber Security News – Hackers Exploit Windows MMC Zero-Day Vulnerability to Execute Malicious Code
A sophisticated campaign by Russian threat actors exploiting a critical zero-day vulnerability in the Microsoft Management Console (MMC). The vulnerability, CVE-2025-26633, allows attackers to bypass security features and execute malicious…
Posted inNews
From Cyber Security News – Critical Apache Tomcat RCE Vulnerability Exploited in Just 30hrs of Public Exploit
Security researchers have confirmed that a critical remote code execution (RCE) vulnerability in Apache Tomcat, tracked as CVE-2025-24813, is being actively exploited in the wild. The vulnerability, which enables attackers…
Posted inVulnerabilities
From Cybersecurity Help – Apache Tomcat RCE bug actively exploited by attackers
The attack is dead simple to execute and requires no authentication, the researchers note. Read More
Posted inNews
From Dark Reading – ‘Ballista’ Botnet Exploits 2023 Vulnerability in TP-Link Routers
In the past, the vulnerability was exploited to drop Mirai botnet malware. Today, it's being used once more for another botnet campaign with its own malware. Read More
Posted inNews
From Cyber Security News – CISA Warns of Edimax IC-7100 IP Camera 0-Day Vulnerability Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding a severe vulnerability in the Edimax IC-7100 IP Camera. This vulnerability, CVE-2025-1316, allows attackers to execute remote…
Posted inNews
From The Hacker News – CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks
A high-severity security flaw impacting the Craft content management system (CMS) has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerability in question is CVE-2025-23209 (CVSS score: 8.1), which impacts Craft CMS versions 4 and 5. It was addressed by the
Posted inNews
From Cyber Security News – CISA Releases Two New ICS Advisories Exploits Following Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) released two Industrial Control Systems (ICS) advisories, addressing critical vulnerabilities in Delta Electronics CNCSoft-G2 and Rockwell Automation GuardLogix controllers. These advisories highlight exploitable…
Posted inNews
From Security Week – Google Pays Out $55,000 Bug Bounty for Chrome Vulnerability
[[{"value":"Google has released a Chrome 133 update to address four high-severity vulnerabilities reported by external researchers. The post Google Pays Out $55,000 Bug Bounty for Chrome Vulnerability appeared first on…
Posted inNews
From Security Week – Ivanti, Fortinet Patch Remote Code Execution Vulnerabilities
[[{"value":"Ivanti and Fortinet on Tuesday released patches for multiple critical- and high-severity vulnerabilities in their products. The post Ivanti, Fortinet Patch Remote Code Execution Vulnerabilities appeared first on SecurityWeek."}]] Read More
Posted inNews
From The Hacker News – CISA Warns of Active Exploitation in Trimble Cityworks Vulnerability Leading to IIS RCE
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that a security flaw impacting Trimble Cityworks GIS-centric asset management software has come under active exploitation in the wild.
The vulnerability in question is CVE-2025-0994 (CVSS v4 score: 8.6), a deserialization of untrusted data bug that could permit an attacker to conduct remote code execution.
"This could
Posted inNews
From Cyber Security News – Microsoft Edge Vulnerabilities Let Attackers Execute Remote Code – Update Now!
Microsoft has released a critical security update for its Edge browser, addressing multiple vulnerabilities that could allow attackers to execute remote code and compromise user systems. Users are strongly urged…