Newswires

February 14, 2025

RansomHub Emerges as Leading Ransomware Group in 2024, Impacting Over 600 Global Entities
RansomHub, a ransomware-as-a-service operation, has risen to prominence in 2024, affecting over 600 organizations around the globe.
February 14, 2025

Targeted Attacks Exploit PostgreSQL Flaw Alongside BeyondTrust Zero-Day Vulnerability
Rapid7's research into a zero-day vulnerability in BeyondTrust's Privileged Remote Access (PRA) and Remote Support (RS) products, identified in December 2024, has led to the discovery of a previously unknown SQL injection flaw in PostgreSQL.
February 14, 2025

Critical Remote Code Execution Vulnerability Identified in WinZip: CVE-2025-1240
A critical vulnerability, designated as CVE-2025-1240, has been unearthed in the popular file compression software, WinZip.
February 14, 2025

Palo Alto Networks Addresses High-Severity Firewall Vulnerability Amid Active Exploits
Palo Alto Networks has resolved a critical authentication bypass vulnerability (CVE-2025-0108) in the management web interface of its next-generation firewalls.
February 12, 2025

Russian Sandworm APT’s Subgroup, BadPilot, Exploits Edge Bugs on a Global Scale
Sandworm, also known as Seashell Blizzard or Military Unit 74455 within Russia's military intelligence (GRU), is a renowned advanced persistent threat (APT) group.
February 12, 2025

PandasAI Vulnerability Allows Full System Compromise Through Prompt Injection
A recently identified security flaw in the open-source AI-based data analysis library, PandasAI, developed by SinaptikAI, has been found to expose users to potential remote code execution (RCE) through prompt injection attacks.
February 11, 2025

Fortinet Firewalls Compromised by New Zero-Day Exploit
Fortinet has issued a warning about threat actors exploiting a new zero-day vulnerability, tracked as CVE-2025-24472 (with a CVSS score of 8.1), in its FortiOS and FortiProxy products to hijack firewalls.
February 11, 2025

SonicWall Firewall Vulnerability Allows VPN Session Hijacking: Urgent Patch Required
Bishop Fox security researchers have released a comprehensive report detailing the exploitation of a vulnerability, CVE-2024-53704, in certain versions of SonicWall's SonicOS SSLVPN application.
February 6, 2025

Urgent Call to Secure Systems Against Ongoing Attacks Exploiting Microsoft Outlook RCE Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to federal agencies to fortify their systems against ongoing attacks that are exploiting a critical remote code execution (RCE) vulnerability in Microsoft Outlook.
February 6, 2025

SimpleHelp RMM Vulnerabilities Exploited to Deploy Sliver Malware
Cybercriminals are exploiting vulnerabilities in SimpleHelp RMM clients to create admin accounts, drop backdoors, and potentially prepare for ransomware attacks.

Previous 123 Next

See VULNERA In Action

Meet with a team member to discuss your use cases and see a demo.

Schedule Now

By Solution

By Feature

I Want To…

Learn More

VULNERA vs Vulnerability Scanners

Security Assessment Buyers Guide

Resources

Resources

Blog

Threat Intelligence

I Want To…

Learn More

Top 10 Vulnerability Management Questions Answered

About

About

Partners

I Want To…

Learn More

Simplifying Vulnerability Management

Newswires

See VULNERA In Action

Quick Menu

Features

Subscribe