Vulnerability Archives • Page 40 of 190 • Daily CyberSecurity

Devolutions Warns of Severe RDM Vulnerabilities Allowing Encrypted Communication Interception axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

axios Supply Chain Attack WAVESHAPER.V2 SnappyBee Malware Salt Typhoon Stately Taurus ScoringMathTea RAT, Lazarus Reflective DLL

Devolutions Warns of Severe RDM Vulnerabilities Allowing Encrypted Communication Interception

Do Son February 11, 2025

Devolutions, a leading provider of remote connection management solutions, has issued a security advisory addressing critical vulnerabilities...

CVE-2025-1143: Billion Electric Routers Vulnerable to Remote Takeover Due to Hard-coded Credentials

Do Son February 11, 2025

The Taiwan Computer Emergency Response Team / Coordination Center (TWCERT/CC) has issued a security advisory warning of...

Microsoft Patches Actively Exploited Zero-Day Flaws – CVE-2025-21418 & CVE-2025-21391 Microsoft Patch Tuesday fixes disclosed zero day vulnerabilities Windows Wormable Exploit April 2026 Patch Tuesday Microsoft Patch Tuesday Zero-Day Vulnerabilities Microsoft, Patch Tuesday CVE-2025-55234 CVE-2024-43573 and CVE-2024-43572 Microsoft Patch Tuesday Security Vulnerabilities

Microsoft Patch Tuesday fixes disclosed zero day vulnerabilities Windows Wormable Exploit April 2026 Patch Tuesday Microsoft Patch Tuesday Zero-Day Vulnerabilities Microsoft, Patch Tuesday CVE-2025-55234 CVE-2024-43573 and CVE-2024-43572 Microsoft Patch Tuesday Security Vulnerabilities

Microsoft Patches Actively Exploited Zero-Day Flaws – CVE-2025-21418 & CVE-2025-21391

Do Son February 11, 2025

Microsoft has rolled out its February 2025 Patch Tuesday security updates, addressing 67 vulnerabilities across multiple products....

CVE-2024-12797 – High-Severity OpenSSL Flaw: Update Now to Prevent MITM Attacks OpenSSL Vulnerability RSA Memory Leak OpenSSL Vulnerability CVE-2025-15467 CVE-2022-2274 OpenSSL Vulnerabilities, Timing Side-Channel

OpenSSL Vulnerability RSA Memory Leak OpenSSL Vulnerability CVE-2025-15467 CVE-2022-2274 OpenSSL Vulnerabilities, Timing Side-Channel

CVE-2024-12797 – High-Severity OpenSSL Flaw: Update Now to Prevent MITM Attacks

Do Son February 11, 2025

A high-severity vulnerability has been discovered in OpenSSL, a widely-used cryptography library that secures countless websites and...

CVE-2024-47908 (CVSS 9.1): Critical Ivanti CSA Flaw Enables Attackers to Run Arbitrary Code CVE-2023-39335 - CVE-2024-47908 - CVE-2024-11771

CVE-2024-47908 (CVSS 9.1): Critical Ivanti CSA Flaw Enables Attackers to Run Arbitrary Code

Do Son February 11, 2025

Ivanti has issued a security advisory regarding critical vulnerabilities in its Cloud Services Application (CSA). The vulnerabilities,...

SAP Security Patch Day February 2025: Multi Vulnerabilities Addressed CVE-2024-33006 - CVE-2025-0064 SAP Critical Patch, RMI-P4 RCE

SAP Security Patch Day February 2025: Multi Vulnerabilities Addressed

Do Son February 11, 2025

SAP has released its latest round of security patches, addressing 19 new vulnerabilities and updating 2 previous...

GitHub Enterprise SAML Bypass Flaw (CVE-2025-23369) Exposed – Technical Analysis and Exploit PoC CVE-2024-9487 - CVE-2025-23369 PoC

GitHub Enterprise SAML Bypass Flaw (CVE-2025-23369) Exposed – Technical Analysis and Exploit PoC

Do Son February 10, 2025

Security researcher Hakivvi has published an in-depth analysis of CVE-2025-23369 (CVSSv4 7.6), a vulnerability that allows attackers...

Multiple Security and Privacy Flaws Found in DeepSeek iOS App DeepSeek V3 App Store

Multiple Security and Privacy Flaws Found in DeepSeek iOS App

Do Son February 10, 2025

A recent security and privacy assessment by NowSecure has uncovered multiple severe vulnerabilities in the DeepSeek iOS...

CVE-2025-1077 (CVSSv4 9.5): Critical RCE Vulnerability Found in Visual Weather Products

Do Son February 10, 2025

IBL Software Engineering has issued a security advisory regarding a critical Remote Code Execution (RCE) vulnerability affecting...

Progress LoadMaster Security Update: Multiple Vulnerabilities Addressed CVE-2024-6327 - CVE-2024-56131

Progress LoadMaster Security Update: Multiple Vulnerabilities Addressed

Do Son February 10, 2025

Progress has issued a security advisory addressing multiple vulnerabilities affecting all current LoadMaster releases and the LoadMaster...

Misconfigured APIs Expose Sensitive Medical Data in Major Diagnostic Chain

Do Son February 10, 2025

A recent investigation by CloudSEK’s BeVigil platform has revealed critical vulnerabilities in the API infrastructure of a...

768 CVEs Exploited in 2024: VulnCheck Warns of Rising Threat WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

768 CVEs Exploited in 2024: VulnCheck Warns of Rising Threat

Do Son February 10, 2025

A new report from VulnCheck reveals a concerning rise in vulnerability exploitation, with 768 CVEs reported as...

Apple Issues Emergency Updates to Patch Actively Exploited Zero-Day Vulnerability – CVE-2025-24200 DarkSword exploit kit iOS 18.7.7 security update CVE-2024-44308 & CVE-2024-44309 Apple appeal, Epic Games lawsuit

DarkSword exploit kit iOS 18.7.7 security update CVE-2024-44308 & CVE-2024-44309 Apple appeal, Epic Games lawsuit

Apple Issues Emergency Updates to Patch Actively Exploited Zero-Day Vulnerability – CVE-2025-24200

Do Son February 10, 2025

Apple today released urgent security updates for iOS and iPadOS to address a zero-day vulnerability that has...

AnyDesk Exploit Alert: CVE-2024-12754 Enables Privilege Escalation—PoC Available CVE-2024-12754 PoC

AnyDesk Exploit Alert: CVE-2024-12754 Enables Privilege Escalation—PoC Available

Do Son February 9, 2025

Security researcher Naor Hodorov has recently published an analysis of a vulnerability discovered in AnyDesk, a popular...

CVE-2025-25064 (CVSS 9.8): Critical SQL Injection Bug in Zimbra Collaboration

Do Son February 9, 2025

Zimbra Collaboration, a widely used open-source email and collaboration platform, has been found to contain two newly...

CVE-2025-0674 (CVSS 9.8) & CVE-2025-0675: CISA Warns of Critical Elber Flaws – PoC Available, No Patch

Do Son February 9, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding critical vulnerabilities in Elber...

Threat Actors Exploit SimpleHelp Vulnerabilities to Deploy Sliver Backdoor Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Threat Actors Exploit SimpleHelp Vulnerabilities to Deploy Sliver Backdoor

Do Son February 9, 2025

Cybersecurity firm Field Effect has identified and thwarted a sophisticated cyberattack that leveraged newly discovered vulnerabilities in...

CVE-2024-48510 (CVSS 9.8): Critical Flaw in ABB Drive Composer Enables File System Access ABB T-MAC Plus vulnerabilities terminal system flaws ABB OPTIMAX Vulnerability CVE-2025-14510 ABB Edgenius Auth Bypass, Critical RCE ABB, ASPECT BMS CVE-2024-48841, CVE-2024-48849, and CVE-2024-48852 CVE-2024-48510

CVE-2024-48510 (CVSS 9.8): Critical Flaw in ABB Drive Composer Enables File System Access

Do Son February 9, 2025

Industrial automation giant ABB has issued a cybersecurity advisory addressing a critical path traversal vulnerability (CVE-2024-48510) in...

CVE-2025-0896 (CVSS 9.8): Orthanc DICOM Server Flaw Exposes Medical Images to Unauthorized Access

Do Son February 9, 2025

A critical-severity vulnerability has been discovered in Orthanc, an open-source DICOM server used in healthcare environments to...

Abyss Locker Ransomware: Inside the Stealthy Network Intrusions and Destructive Attacks INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

Abyss Locker Ransomware: Inside the Stealthy Network Intrusions and Destructive Attacks

Do Son February 9, 2025

Abyss Locker, an emerging ransomware group that surfaced in 2023, has swiftly escalated its cyber onslaught throughout...