Critical Alert 1 Active Exploit Detected Today

CVE-2024-21182 — Oracle WebLogic Server Unspecified Vulnerability →

Powered by CVE Watchtower

×

News

MirrorFace: Unmasking the Chinese Cyber Espionage Group Targeting Japan AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

AccountDumpling Phishing Google AppSheet Abuse AI-Generated Malware PureRAT Campaign RondoDoX Botnet, Next.js React2Shell EchoGather, Paper Werewolf Salt Typhoon, Telecom Espionage BreachForums, Conor Fitzpatrick Ransomware Negotiation, DOJ Investigation MirrorFace group - Earth Kasha Emperor Dragonfly

MirrorFace: Unmasking the Chinese Cyber Espionage Group Targeting Japan

Ddos January 8, 2025

On January 8, 2025, the Japanese National Police Agency (NPA) issued a critical warning regarding ongoing cyberattacks...

CVE-2024-54006 & CVE-2024-54007: Command Injection Flaws in HPE Aruba Devices, PoC Publicly Available

CVE-2024-54006 & CVE-2024-54007 Aruba AOS Vulnerabilities CVE-2025-37168

CVE-2024-54006 & CVE-2024-54007: Command Injection Flaws in HPE Aruba Devices, PoC Publicly Available

Ddos January 8, 2025

HPE Aruba Networking has issued a security advisory addressing multiple command injection vulnerabilities in its 501 Wireless...

CVE-2024-5594 (CVSS 9.1): Critical Vulnerability in OpenVPN Enables Code Execution CVE-2023-7235 - CVE-2024-5594 OpenVPN Buffer Over-read, HMAC Bypass

CVE-2023-7235 - CVE-2024-5594 OpenVPN Buffer Over-read, HMAC Bypass

CVE-2024-5594 (CVSS 9.1): Critical Vulnerability in OpenVPN Enables Code Execution

Ddos January 8, 2025

The open-source VPN software OpenVPN has patched three significant vulnerabilities in OpenVPN 2.6.11, released on June 21,...

CVE-2024-46622 (CVSS 9.8): SecureAge Security Suite Patches Critical Privilege Escalation Flaw

CVE-2024-46622

CVE-2024-46622 (CVSS 9.8): SecureAge Security Suite Patches Critical Privilege Escalation Flaw

Ddos January 8, 2025

SecureAge Technology has released updates to address a critical privilege escalation vulnerability in its SecureAge Security Suite....

Fraudsters Exploit Trust with Fake Refund Schemes in the Middle East EU Education Scams, .edu.eu Domain App Store security Refund Schemes - Texas Pharmacist's Fraudulent

EU Education Scams, .edu.eu Domain App Store security Refund Schemes - Texas Pharmacist's Fraudulent

Fraudsters Exploit Trust with Fake Refund Schemes in the Middle East

Ddos January 8, 2025

A report from Group-IB reveals a sophisticated social engineering scam targeting consumers in the Middle East, leveraging...

CVE-2025-0282 (CVSS 9.0): Ivanti Confirms Active Exploitation of Critical Flaw Ivanti ITSM vulnerability authenticated privilege escalation Ivanti Xtraction vulnerability CVE-2026-8043 Ivanti EPM RCE, SQL Injection Ivanti EPM, remote code execution CVE-2024-50330 - CVE-2025-0282 and CVE-2025-0283

Ivanti ITSM vulnerability authenticated privilege escalation Ivanti Xtraction vulnerability CVE-2026-8043 Ivanti EPM RCE, SQL Injection Ivanti EPM, remote code execution CVE-2024-50330 - CVE-2025-0282 and CVE-2025-0283

CVE-2025-0282 (CVSS 9.0): Ivanti Confirms Active Exploitation of Critical Flaw

Ddos January 8, 2025

Ivanti has issued a security advisory addressing two vulnerabilities in its Connect Secure, Policy Secure, and Neurons...

DNA Sequencer BIOS Vulnerabilities Pose Significant Supply Chain Risks DNA Sequencer Vulnerabilities

DNA Sequencer Vulnerabilities

DNA Sequencer BIOS Vulnerabilities Pose Significant Supply Chain Risks

Ddos January 8, 2025

In a recent revelation, Eclypsium’s research team has uncovered severe BIOS/UEFI vulnerabilities in a widely used DNA...

CVE-2024-52875: KerioControl Firewall Flaw Under Active Exploit, Urgent Patching Required WHILL Wheelchair Hijacking, CVE-2025-14346 MAS typosquatting malware, get.activate.win vs get.activated.win OpenShift GitOps RCE, Cluster Takeover Flaw Twonky Server, CVE-2025-13315 AI agents CVE-2024-52875 PoC

WHILL Wheelchair Hijacking, CVE-2025-14346 MAS typosquatting malware, get.activate.win vs get.activated.win OpenShift GitOps RCE, Cluster Takeover Flaw Twonky Server, CVE-2025-13315 AI agents CVE-2024-52875 PoC

CVE-2024-52875: KerioControl Firewall Flaw Under Active Exploit, Urgent Patching Required

Ddos January 7, 2025

A critical vulnerability in GFI KerioControl firewalls (versions 9.2.5 through 9.4.5) is under active exploitation, allowing attackers...

Casio Discloses Data Leak Following Ransomware Attack Casio Network Breach - data leak

Casio Network Breach - data leak

Casio Discloses Data Leak Following Ransomware Attack

Ddos January 7, 2025

Casio Computer Co., Ltd. has disclosed the results of its investigation into a ransomware attack that compromised...

CVE-2024-50603 (CVSS 10): Critical Command Injection Vulnerability in Aviatrix Controller

CVE-2024-50603

CVE-2024-50603 (CVSS 10): Critical Command Injection Vulnerability in Aviatrix Controller

Ddos January 7, 2025

Jakub Korepta, Principal Security Consultant and Head of Infrastructure Security at Securing, has released a detailed report...

“Gayfemboy” Botnet Leveraging 0-Day Exploit in Four-Faith Industrial Routers Gayfemboy botnet

Gayfemboy botnet

“Gayfemboy” Botnet Leveraging 0-Day Exploit in Four-Faith Industrial Routers

Ddos January 7, 2025

XLab has released a report on the Gayfemboy botnet, a rapidly evolving threat leveraging a 0-day vulnerability...

SonicWall Issues Important Security Advisory for Multiple Vulnerabilities in SonicOS SonicWall SMA 1000 MFA Bypass SonicWall SSLVPN Flaw CVE-2025-40601 SonicOS vulnerability - CVE-2024-53704

SonicWall SMA 1000 MFA Bypass SonicWall SSLVPN Flaw CVE-2025-40601 SonicOS vulnerability - CVE-2024-53704

SonicWall Issues Important Security Advisory for Multiple Vulnerabilities in SonicOS

Ddos January 7, 2025

SonicWall, a leading cybersecurity provider, has issued an important security advisory warning of multiple vulnerabilities affecting its...

CISA Alerts on Actively Exploited Vulnerabilities in Mitel MiCollab and Oracle WebLogic Server n8n RCE Vulnerability CVE-2025-68613 CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

n8n RCE Vulnerability CVE-2025-68613 CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

CISA Alerts on Actively Exploited Vulnerabilities in Mitel MiCollab and Oracle WebLogic Server

Ddos January 7, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning to organizations about three actively...

Trio of Critical Vulnerabilities in Netis Routers Enables Unauthenticated RCE CVE-2024-48455, CVE-2024-48456, and CVE-2024-48457

CVE-2024-48455, CVE-2024-48456, and CVE-2024-48457

Trio of Critical Vulnerabilities in Netis Routers Enables Unauthenticated RCE

Ddos January 7, 2025

A recent report by security researcher H00die.Gr3y has revealed a series of critical vulnerabilities affecting several Netis...

Chrome Update Addresses High-Severity Vulnerability: CVE-2025-0291

CVE-2025-0291

Chrome Update Addresses High-Severity Vulnerability: CVE-2025-0291

Ddos January 7, 2025

Google has just released a critical security update for its Chrome web browser, addressing a high-severity vulnerability...

Authentication Bypass Vulnerability Found in Dell OpenManage Server Administrator Dell ECS Security Update CVE-2026-40636 Hard-coded Credentials Dell Business Price Increase, RAM and SSD Shortage 2025 Dell Data Lakehouse, Critical Privilege Escalation Authentication Bypass Vulnerability CVE-2025-22398

Dell ECS Security Update CVE-2026-40636 Hard-coded Credentials Dell Business Price Increase, RAM and SSD Shortage 2025 Dell Data Lakehouse, Critical Privilege Escalation Authentication Bypass Vulnerability CVE-2025-22398

Authentication Bypass Vulnerability Found in Dell OpenManage Server Administrator

Ddos January 7, 2025

Dell Technologies has issued a critical security advisory for its OpenManage Server Administrator (OMSA) software. The advisory...

Secure Your Repos: go-git Patches Critical Vulnerability – CVE-2025-21613 (CVSS 9.8) CVE-2025-21613 & CVE-2025-21614

CVE-2025-21613 & CVE-2025-21614

Secure Your Repos: go-git Patches Critical Vulnerability – CVE-2025-21613 (CVSS 9.8)

Ddos January 7, 2025

The popular Go library for Git interaction, go-git, has recently released version 5.13 to address two critical...

CVE-2024-51741 and CVE-2024-46981: Redis Flaws Expose Millions to DoS and RCE Risks Redis RCE, HyperLogLog Vulnerability CVE-2024-51741 - CVE-2024-46981

Redis RCE, HyperLogLog Vulnerability CVE-2024-51741 - CVE-2024-46981

CVE-2024-51741 and CVE-2024-46981: Redis Flaws Expose Millions to DoS and RCE Risks

Ddos January 6, 2025

Two vulnerabilities have been discovered in Redis, the popular in-memory database, leaving millions of users at risk....

CVE-2024-43096 and More: Critical RCE Flaws Patched in Android Security Update Android Zero-Click RCE CVE-2026-0073 Android sideloading CVE-2024-43096, CVE-2024-43770, CVE-2024-43771, CVE-2024-49747 and, CVE-2024-49748

Android Zero-Click RCE CVE-2026-0073 Android sideloading CVE-2024-43096, CVE-2024-43770, CVE-2024-43771, CVE-2024-49747 and, CVE-2024-49748

CVE-2024-43096 and More: Critical RCE Flaws Patched in Android Security Update

Ddos January 6, 2025

The Android Security Bulletin for January 2025 highlights critical security vulnerabilities affecting millions of Android devices globally....

CVE-2024-20154: Critical RCE Flaw in MediaTek Chipsets Impacts Millions MediaTek Modem Vulnerabilities, January 2026 Security Bulletin MediaTek Vulnerabilities, Chipset Security CVE-2024-20103 & CVE-2024-20100 - CVE-2024-20154 - February 2025 Product Security Bulletin

MediaTek Modem Vulnerabilities, January 2026 Security Bulletin MediaTek Vulnerabilities, Chipset Security CVE-2024-20103 & CVE-2024-20100 - CVE-2024-20154 - February 2025 Product Security Bulletin

CVE-2024-20154: Critical RCE Flaw in MediaTek Chipsets Impacts Millions

Ddos January 6, 2025

MediaTek has released its January 2025 Product Security Bulletin, addressing a range of security vulnerabilities affecting its...