vulnerability patching

From Cyber Security News – CISA Warns of Cisco Smart Licensing Utility Credential Vulnerability Exploited in Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Cisco vulnerability to its Known Exploited Vulnerabilities (KEV) catalog following confirmation of active exploitation in the wild. The flaw,…

shaikh Saqib April 1, 2025

News

From Cyber Security News – Windows KDC Proxy RCE Vulnerability Let Attackers Control The Server Remotely – Technical Analysis

Security researchers have uncovered a significant remote code execution vulnerability in Microsoft’s Windows Key Distribution Center (KDC) Proxy that could potentially allow attackers to gain complete control over affected servers.…

shaikh Saqib March 5, 2025

Vulnerabilities

From Cybersecurity Help – Three zero-day flaws in VMware ESXi, Workstation, and Fusion exploited in the wild

Google has rolled out its monthly Android Security Bulletin for March 2025 to fix over 40 vulnerabilities, including two zero-days. Read More

shaikh Saqib March 4, 2025

News

From Security Week – Cisco Patches Vulnerabilities in Nexus Switches

[[{"value":"Cisco has patched command injection and DoS vulnerabilities affecting some of its Nexus switches, including a high-severity flaw. The post Cisco Patches Vulnerabilities in Nexus Switches appeared first on SecurityWeek."}]] Read…

shaikh Saqib February 27, 2025

News

From The Hacker News – PolarEdge Botnet Exploits Cisco and Other Flaws to Hijack ASUS, QNAP, and Synology Devices

A new malware campaign has been observed targeting edge devices from Cisco, ASUS, QNAP, and Synology to rope them into a botnet named PolarEdge since at least the end of 2023. French cybersecurity company Sekoia said it observed the unknown threat actors leveraging CVE-2023-20118 (CVSS score: 6.5), a critical security flaw impacting Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and

shaikh Saqib February 27, 2025

News

From Cyber Security News – Hackers Exploited Confluence Server Vulnerability To Deploy LockBit Ransomware

A sophisticated ransomware attack leveraging a critical Atlassian Confluence vulnerability (CVE-2023-22527, CVSS 10.0) has been uncovered, culminating in the deployment of LockBit Black ransomware across enterprise networks within two hours…

shaikh Saqib February 24, 2025

News

From The Hacker News – XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells

Threat actors have been observed exploiting multiple security flaws in various software products, including Progress Telerik UI for ASP.NET AJAX and Advantive VeraCore, to drop reverse shells and web shells, and maintain persistent remote access to compromised systems. The zero-day exploitation of security flaws in VeraCore has been attributed to a threat actor known as XE Group, a cybercrime

shaikh Saqib February 10, 2025