Newswires

February 12, 2025

Russian Sandworm APT’s Subgroup, BadPilot, Exploits Edge Bugs on a Global Scale
Sandworm, also known as Seashell Blizzard or Military Unit 74455 within Russia's military intelligence (GRU), is a renowned advanced persistent threat (APT) group.
February 12, 2025

PandasAI Vulnerability Allows Full System Compromise Through Prompt Injection
A recently identified security flaw in the open-source AI-based data analysis library, PandasAI, developed by SinaptikAI, has been found to expose users to potential remote code execution (RCE) through prompt injection attacks.
February 11, 2025

Fortinet Firewalls Compromised by New Zero-Day Exploit
Fortinet has issued a warning about threat actors exploiting a new zero-day vulnerability, tracked as CVE-2025-24472 (with a CVSS score of 8.1), in its FortiOS and FortiProxy products to hijack firewalls.
February 11, 2025

SonicWall Firewall Vulnerability Allows VPN Session Hijacking: Urgent Patch Required
Bishop Fox security researchers have released a comprehensive report detailing the exploitation of a vulnerability, CVE-2024-53704, in certain versions of SonicWall's SonicOS SSLVPN application.
February 6, 2025

Urgent Call to Secure Systems Against Ongoing Attacks Exploiting Microsoft Outlook RCE Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to federal agencies to fortify their systems against ongoing attacks that are exploiting a critical remote code execution (RCE) vulnerability in Microsoft Outlook.
February 6, 2025

SimpleHelp RMM Vulnerabilities Exploited to Deploy Sliver Malware
Cybercriminals are exploiting vulnerabilities in SimpleHelp RMM clients to create admin accounts, drop backdoors, and potentially prepare for ransomware attacks.
February 6, 2025

Critical Vulnerabilities in Cisco’s Identity Services Engine: A Detailed Analysis
Cisco has issued fixes for two critical vulnerabilities in its Identity Services Engine (ISE), a platform used by businesses for identity and access management.
February 5, 2025

CISA Mandates Federal Agencies to Address Linux Kernel Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has instructed federal agencies to fortify their systems against a high-risk Linux kernel flaw, known as CVE-2024-53104, within a three-week timeframe.
February 5, 2025

CISA Highlights Exploited Flaws in Microsoft .NET and Apache OFBiz
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has identified four new vulnerabilities that have been exploited in recent attacks.
February 4, 2025

Zyxel Refuses to Patch Actively Exploited Flaws in Discontinued Routers
Zyxel, a network hardware manufacturer, has released a security advisory warning about actively exploited vulnerabilities in its CPE Series devices.

Previous 123 Next

See VULNERA In Action

Meet with a team member to discuss your use cases and see a demo.

Schedule Now

By Solution

By Feature

I Want To…

Learn More

VULNERA vs Vulnerability Scanners

Security Assessment Buyers Guide

Resources

Resources

Blog

Threat Intelligence

I Want To…

Learn More

Top 10 Vulnerability Management Questions Answered

About

About

Partners

I Want To…

Learn More

Simplifying Vulnerability Management

Newswires

See VULNERA In Action

Quick Menu

Features

Subscribe