Enterprise Security Archives • Daily CyberSecurity

Critical IBM AIX RCE (CVE-2025-36250, CVSS 10.0) Flaw Exposes NIM Private Keys and Risks Directory Traversal IBM AIX RCE, NIM Private Key Leak

Critical IBM AIX RCE (CVE-2025-36250, CVSS 10.0) Flaw Exposes NIM Private Keys and Risks Directory Traversal

Ddos November 17, 2025

GitLab Patches Two High-Severity Flaws in GraphQL API Affecting Both CE and EE Editions GitLab Runner Hijack, DoS Fix GitLab GraphQL Flaws, CVE-2025-11340 CVE-2024-9693 GitLab vulnerability, XSS

GitLab Runner Hijack, DoS Fix GitLab GraphQL Flaws, CVE-2025-11340 CVE-2024-9693 GitLab vulnerability, XSS

GitLab Patches Two High-Severity Flaws in GraphQL API Affecting Both CE and EE Editions

Ddos October 9, 2025

FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

Morte Botnet Unveiled: A Rapidly Growing Loader-as-a-Service Campaign Exploiting Routers and Enterprise Apps

Ddos September 29, 2025

URGENT: NetScaler Zero-Day CVE-2025-7775 Under Active Attack NetScaler, CVE-2025-7775

URGENT: NetScaler Zero-Day CVE-2025-7775 Under Active Attack

Ddos August 26, 2025

CISA Adds Citrix and Git Flaws to Known Exploited Vulnerabilities Catalog CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

CISA KEV WinRAR Zero-Day, Cloud Files UAF OpenPLC ScadaBR, CVE-2021-26829 CISA KEV, Gladinet LFI RCE XWiki RCE, VMware EoP CISA KEV CISA, Known Exploited Vulnerabilities CVE-2020-2883 CISA, Trend Micro

CISA Adds Citrix and Git Flaws to Known Exploited Vulnerabilities Catalog

Ddos August 26, 2025

Four Critical Flaws in a Privileged Access Manager Exposed by Rapid7 Privileged access manager, Securden

Four Critical Flaws in a Privileged Access Manager Exposed by Rapid7

Ddos August 26, 2025

CVE-2025-26496 (CVSS 9.6): Critical Flaw in Tableau Server Expose Enterprises to Code Execution Risks Tableau Vulnerability CVE-2025-26496

CVE-2025-26496 (CVSS 9.6): Critical Flaw in Tableau Server Expose Enterprises to Code Execution Risks

Ddos August 25, 2025

IBM Issues Critical Patch for Jazz Team Server Vulnerability (CVE-2025-36157) IBM Vulnerability CVE-2025-36157

IBM Issues Critical Patch for Jazz Team Server Vulnerability (CVE-2025-36157)

Ddos August 25, 2025

CVE-2025-36038: Critical RCE Vulnerability Discovered in IBM WebSphere Application Server IBM WebSphere, Remote Code Execution

CVE-2025-36038: Critical RCE Vulnerability Discovered in IBM WebSphere Application Server

Ddos June 27, 2025

Critical Versa Director Flaw: RCE Possible via HA Ports, PoC Available

Ddos June 20, 2025

HPE Aruba Networking Patches Sensitive Data Exposure Vulnerability in Private 5G Core Platform HPE Aruba, 5G Security

HPE Aruba Networking Patches Sensitive Data Exposure Vulnerability in Private 5G Core Platform

Ddos June 11, 2025

Ivanti Patches High-Severity Credential Decryption Flaws in Workspace Control Ivanti Workspace Control

Ivanti Patches High-Severity Credential Decryption Flaws in Workspace Control

Ddos June 11, 2025

Critical 9.6 CVSS RCE: ManageEngine Exchange Reporter Plus Vulnerability Discovered! CVE-2025-3835, Exchange Reporter Plus

Critical 9.6 CVSS RCE: ManageEngine Exchange Reporter Plus Vulnerability Discovered!

Ddos June 9, 2025

CVSS 9.8 Alert: Critical Flaws in HPE Insight Remote Support Enable RCE & File Access HPE Security, Insight RS Vulnerabilities

CVSS 9.8 Alert: Critical Flaws in HPE Insight Remote Support Enable RCE & File Access

Ddos June 5, 2025

Critical RCE Flaws in MICI NetFax Server Unpatched, Vendor Refuses Fix NetFax Vulnerabilities, RCE

Critical RCE Flaws in MICI NetFax Server Unpatched, Vendor Refuses Fix

Ddos June 2, 2025

Print Security Warning: Canon Printers Exposed to Data Theft Printer security, Canon update

Print Security Warning: Canon Printers Exposed to Data Theft

Ddos May 23, 2025

Critical Vulnerabilities Uncovered in Mitel SIP Phones: Command Injection and File Upload Risks Mitel vulnerabilities, SIP phone security

Critical Vulnerabilities Uncovered in Mitel SIP Phones: Command Injection and File Upload Risks

Ddos May 11, 2025

Google: Zero-Day Exploits Shift from Browsers to Enterprise Security Tools in 2024 FortiWeb Auth Bypass, Unauthenticated Admin Takeover RayInitiator Bootkit, LINE VIPER CVE-2025-59689 Department of the Treasury cybersecurity - CVE-2025-0108 PoC CVE-2025-31103 Dior Data Breach SK Telecom data breach, long-term intrusion

FortiWeb Auth Bypass, Unauthenticated Admin Takeover RayInitiator Bootkit, LINE VIPER CVE-2025-59689 Department of the Treasury cybersecurity - CVE-2025-0108 PoC CVE-2025-31103 Dior Data Breach SK Telecom data breach, long-term intrusion

Google: Zero-Day Exploits Shift from Browsers to Enterprise Security Tools in 2024

Ddos April 29, 2025

Google Launches Unified Security Powered by Gemini AI, Enhances Enterprise Protection Google Unified Security Gemini AI Security

Google Launches Unified Security Powered by Gemini AI, Enhances Enterprise Protection

Ddos April 9, 2025