Vulnerability Archives • Page 40 of 190 • Daily CyberSecurity

GitHub Enterprise SAML Bypass Flaw (CVE-2025-23369) Exposed – Technical Analysis and Exploit PoC CVE-2024-9487 - CVE-2025-23369 PoC

GitHub Enterprise SAML Bypass Flaw (CVE-2025-23369) Exposed – Technical Analysis and Exploit PoC

Ddos February 10, 2025

Security researcher Hakivvi has published an in-depth analysis of CVE-2025-23369 (CVSSv4 7.6), a vulnerability that allows attackers...

Multiple Security and Privacy Flaws Found in DeepSeek iOS App DeepSeek V3 App Store

Multiple Security and Privacy Flaws Found in DeepSeek iOS App

Ddos February 10, 2025

A recent security and privacy assessment by NowSecure has uncovered multiple severe vulnerabilities in the DeepSeek iOS...

CVE-2025-1077 (CVSSv4 9.5): Critical RCE Vulnerability Found in Visual Weather Products

Ddos February 10, 2025

IBL Software Engineering has issued a security advisory regarding a critical Remote Code Execution (RCE) vulnerability affecting...

Progress LoadMaster Security Update: Multiple Vulnerabilities Addressed CVE-2024-6327 - CVE-2024-56131

Progress LoadMaster Security Update: Multiple Vulnerabilities Addressed

Ddos February 10, 2025

Progress has issued a security advisory addressing multiple vulnerabilities affecting all current LoadMaster releases and the LoadMaster...

Misconfigured APIs Expose Sensitive Medical Data in Major Diagnostic Chain

Ddos February 10, 2025

A recent investigation by CloudSEK’s BeVigil platform has revealed critical vulnerabilities in the API infrastructure of a...

768 CVEs Exploited in 2024: VulnCheck Warns of Rising Threat WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

WhatsApp Worm, Brazilian Banking Trojan LAPSUS$ Alliance, Scattered Spider Ransomware, Cybercrime RedCurl APT group Russian Cyberespionage, ApolloShadow Malware

768 CVEs Exploited in 2024: VulnCheck Warns of Rising Threat

Ddos February 10, 2025

A new report from VulnCheck reveals a concerning rise in vulnerability exploitation, with 768 CVEs reported as...

Apple Issues Emergency Updates to Patch Actively Exploited Zero-Day Vulnerability – CVE-2025-24200 DarkSword exploit kit iOS 18.7.7 security update CVE-2024-44308 & CVE-2024-44309 Apple appeal, Epic Games lawsuit

DarkSword exploit kit iOS 18.7.7 security update CVE-2024-44308 & CVE-2024-44309 Apple appeal, Epic Games lawsuit

Apple Issues Emergency Updates to Patch Actively Exploited Zero-Day Vulnerability – CVE-2025-24200

Ddos February 10, 2025

Apple today released urgent security updates for iOS and iPadOS to address a zero-day vulnerability that has...

AnyDesk Exploit Alert: CVE-2024-12754 Enables Privilege Escalation—PoC Available CVE-2024-12754 PoC

AnyDesk Exploit Alert: CVE-2024-12754 Enables Privilege Escalation—PoC Available

Ddos February 9, 2025

Security researcher Naor Hodorov has recently published an analysis of a vulnerability discovered in AnyDesk, a popular...

CVE-2025-25064 (CVSS 9.8): Critical SQL Injection Bug in Zimbra Collaboration

Ddos February 9, 2025

Zimbra Collaboration, a widely used open-source email and collaboration platform, has been found to contain two newly...

CVE-2025-0674 (CVSS 9.8) & CVE-2025-0675: CISA Warns of Critical Elber Flaws – PoC Available, No Patch

Ddos February 9, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding critical vulnerabilities in Elber...

Threat Actors Exploit SimpleHelp Vulnerabilities to Deploy Sliver Backdoor Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Threat Actors Exploit SimpleHelp Vulnerabilities to Deploy Sliver Backdoor

Ddos February 9, 2025

Cybersecurity firm Field Effect has identified and thwarted a sophisticated cyberattack that leveraged newly discovered vulnerabilities in...

CVE-2024-48510 (CVSS 9.8): Critical Flaw in ABB Drive Composer Enables File System Access ABB OPTIMAX Vulnerability CVE-2025-14510 ABB Edgenius Auth Bypass, Critical RCE ABB, ASPECT BMS CVE-2024-48841, CVE-2024-48849, and CVE-2024-48852 CVE-2024-48510

CVE-2024-48510 (CVSS 9.8): Critical Flaw in ABB Drive Composer Enables File System Access

Ddos February 9, 2025

Industrial automation giant ABB has issued a cybersecurity advisory addressing a critical path traversal vulnerability (CVE-2024-48510) in...

CVE-2025-0896 (CVSS 9.8): Orthanc DICOM Server Flaw Exposes Medical Images to Unauthorized Access

Ddos February 9, 2025

A critical-severity vulnerability has been discovered in Orthanc, an open-source DICOM server used in healthcare environments to...

Abyss Locker Ransomware: Inside the Stealthy Network Intrusions and Destructive Attacks INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

INC Ransom Pacific Cyber Threats OysterLoader Malware Rhysida Ransomware Black Basta Ransomware BYOVD Technique Velociraptor Abuse, Storm-2603 Ransomware Crypto24, Ransomware Ransomware Payments, UK Legislation ZACROS data breach

Abyss Locker Ransomware: Inside the Stealthy Network Intrusions and Destructive Attacks

Ddos February 9, 2025

Abyss Locker, an emerging ransomware group that surfaced in 2023, has swiftly escalated its cyber onslaught throughout...

CVE-2025-24786 (CVSS 10) & CVE-2025-24787: Critical WhoDB Vulnerabilities CVE-2025-24786 & CVE-2025-24787

CVE-2025-24786 (CVSS 10) & CVE-2025-24787: Critical WhoDB Vulnerabilities

Ddos February 9, 2025

The widely used database management tool WhoDB has been found to contain two critical security vulnerabilities—a path...

CVE-2024-51547 (CVSS 9.8): Hard-Coded Credentials in ABB ASPECT

Ddos February 8, 2025

ABB has released a cybersecurity advisory warning about a critical hard-coded credentials vulnerability (CVE-2024-51547, CVSS 9.8) in...

IBM Security Verify Directory Vulnerable to Critical Security Flaw – CVE-2024-51450 (CVSS 9.1) IBM API Connect, CVE-2025-13915 IBM Privilege Escalation, CVE-2025-36356 IBM Power Systems - CVE-2024-45656 CVE-2024-49814 and CVE-2024-51450 CVE-2024-56346 and CVE-2024-56347 CVE-2025-1302

IBM API Connect, CVE-2025-13915 IBM Privilege Escalation, CVE-2025-36356 IBM Power Systems - CVE-2024-45656 CVE-2024-49814 and CVE-2024-51450 CVE-2024-56346 and CVE-2024-56347 CVE-2025-1302

IBM Security Verify Directory Vulnerable to Critical Security Flaw – CVE-2024-51450 (CVSS 9.1)

Ddos February 7, 2025

IBM has issued a security bulletin addressing two vulnerabilities in its Security Verify Directory Server Container that...

CVE-2025-0994: Critical Vulnerability in Trimble Cityworks Exploited in the Wild

Ddos February 7, 2025

Trimble, a leading provider of industrial technology solutions, has issued an urgent cybersecurity advisory regarding a critical...

CVE-2024-21413 (CVSS 9.8): Critical Outlook Flaw Under Active Attack, PoC Available CVE-2024-21413 exploit

CVE-2024-21413 (CVSS 9.8): Critical Outlook Flaw Under Active Attack, PoC Available

Ddos February 7, 2025

A critical vulnerability in Microsoft Outlook, tracked as CVE-2024-21413, is being actively exploited in the wild, posing...

NETGEAR Patches Critical Security Vulnerabilities in WiFi Routers (CVE-2025-25246) and Access Points CVE-2022-48196 NETGEAR Security Vulnerabilities

CVE-2022-48196 NETGEAR Security Vulnerabilities

NETGEAR Patches Critical Security Vulnerabilities in WiFi Routers (CVE-2025-25246) and Access Points

Ddos February 6, 2025

NETGEAR has recently issued security advisories addressing critical vulnerabilities in several of its WiFi router and access...

Critical Alert 1 Active Exploit Detected Today