Exploit Archives • Page 2 of 3 • Daily CyberSecurity

FiberGateway Router Hacked: Portugal’s 1.6M Homes at Risk Router Exploit, FiberGateway

FiberGateway Router Hacked: Portugal’s 1.6M Homes at Risk

Ddos June 3, 2025

Security researcher João Domingos has published a comprehensive breakdown of a full exploit chain affecting the FiberGateway...

Palo Alto Networks Warns of XSS Flaw with PoC Exploit Code GlobalProtect XSS, PAN-OS security

Palo Alto Networks Warns of XSS Flaw with PoC Exploit Code

Ddos May 21, 2025

Palo Alto Networks has issued a security advisory for a reflected cross-site scripting (XSS) vulnerability, tracked as...

High-Risk RAGFlow Flaw: Account Takeover Possible (No Patch, PoC Available)

Ddos May 20, 2025

RAGFlow, the open-source Retrieval-Augmented Generation (RAG) platform developed by Infiniflow, has been found vulnerable to a serious...

Can Your Firewall Be Hacked? Severe Flaws Found in pfSense pfSense hacking, network security risk

Can Your Firewall Be Hacked? Severe Flaws Found in pfSense

Ddos May 20, 2025

Security researcher Navy Titanium have released a technical deep-dive uncovering three severe vulnerabilities affecting pfSense, the popular...

Leaky WordPress: Private Post Titles at Risk for 1 Billion Sites Houzez theme - CVE-2024-22303 and CVE-2024-21743

Leaky WordPress: Private Post Titles at Risk for 1 Billion Sites

Ddos May 20, 2025

Imperva researchers have disclosed a newly discovered vulnerability in WordPress that could expose sensitive draft and private...

PoC Released: iOS Kernel Flaw Allows File System Modification Without Jailbreak iOS kernel vulnerability dirtyZero exploit

PoC Released: iOS Kernel Flaw Allows File System Modification Without Jailbreak

Ddos May 19, 2025

A patched kernel vulnerability, CVE-2025-24203, has attracted great attention in the security community as well as the...

Race Condition in Windows Remote Desktop Gateway Enables RCE – PoC Demonstrates Exploitability RD Gateway RCE CVE-2025-21297

Race Condition in Windows Remote Desktop Gateway Enables RCE – PoC Demonstrates Exploitability

Ddos May 19, 2025

A newly disclosed vulnerability in Microsoft’s Remote Desktop Gateway (RD Gateway) reveals a dangerous race condition that...

URGENT Chrome Update: High-Risk CVE-2025-4664 Flaw Actively Exploited In The Wild – Patch Immediately! Screenshot_20250515-082049

URGENT Chrome Update: High-Risk CVE-2025-4664 Flaw Actively Exploited In The Wild – Patch Immediately!

Ddos May 15, 2025

Google has released a critical Stable Channel Update for Chrome Desktop, bumping the version to 136.0.7103.113/.114 for...

Multiple CVEs in GNU Screen: Local Root Exploit and TTY Hijacking Discovered GNU Screen vulnerabilities setuid-root exploit

Multiple CVEs in GNU Screen: Local Root Exploit and TTY Hijacking Discovered

Ddos May 13, 2025

A comprehensive security audit by the SUSE Security Team has uncovered a collection of serious flaws in...

DOGE Big Balls Ransomware: New Tools and Tactics Uncovered DOGE Big Balls Ransomware Ransomware infection chain

DOGE Big Balls Ransomware: New Tools and Tactics Uncovered

Ddos May 9, 2025

Netskope Threat Labs has recently uncovered a multi-stage infection chain involving custom PowerShell scripts, open-source tools, exploitation...

Checkmarx Breach Supply Chain Attack Ivanti EPMM RCE CVE-2026-1281 Modular DS Vulnerability CVE-2026-23550 D-Link RCE Vulnerability CVE-2026-0625 Christmas 2025 GreyNoise Campaign, Japan-Based Initial Access Broker React2Shell Zero-Day, APT Active Exploitation WordPress vulnerability, authentication bypass FreePBX, zero-day Trend Micro Apex One, Remote Code Execution BitoPro Hack, Crypto Theft UNC5337 - CVE-2022-47945 Safe{Wallet} hack Fortinet vulnerability, CVE-2024-21762, FortiGate attack Balloonfly, Play ransomware Ivanti EPMM CVE-2025-4427 and CVE-2025-4428

Zero-Day CLFS Vulnerability (CVE-2025-29824) Exploited in Ransomware Attacks

Ddos May 7, 2025

Symantec’s Threat Hunter Team has uncovered a sophisticated attack involving a zero-day privilege escalation vulnerability in Microsoft’s...

Critical UAF Vulnerability Discovered in Ladybird Browser Engine (CVE-2025-47154) Ladybird, use-after-free

Critical UAF Vulnerability Discovered in Ladybird Browser Engine (CVE-2025-47154)

Ddos May 2, 2025

The Ladybird browser engine, a relatively new entrant originating from the SerenityOS project, has been found to...

CVE-2025-33028: WinZip Flaw Exposes Users to Silent Code Execution via MotW Bypass, No Patch WinZip vulnerability MotW bypass CVE-2025-33028

CVE-2025-33028: WinZip Flaw Exposes Users to Silent Code Execution via MotW Bypass, No Patch

Ddos April 22, 2025

A security flaw has been unearthed in WinZip, the popular file compression utility, placing millions of users...

Cellebrite Android Zero-Day Exploit PoC Released: CVE-2024-53104 Cellebrite exploit, Android zero-day

Cellebrite Android Zero-Day Exploit PoC Released: CVE-2024-53104

Ddos April 21, 2025

A security researcher published a proof-of-concept exploit code for an Android zero-day exploit chain developed by Cellebrite...

Weaver E-cology RCE CVE-2026-22679 CVE-2026-20127 Cisco SD-WAN Exploitation AI-Driven Cyberattack ARXON Malware React Server Components Vulnerability CVE-2025-55182 FortiWeb Auth Bypass, Unauthenticated Admin Takeover RayInitiator Bootkit, LINE VIPER CVE-2025-59689 Department of the Treasury cybersecurity - CVE-2025-0108 PoC CVE-2025-31103 Dior Data Breach SK Telecom data breach, long-term intrusion

APT41/RedGolf Infrastructure Briefly Exposed: Fortinet Zero-Days Targeted Shiseido

Ddos April 21, 2025

In a rare window into the operations of an advanced persistent threat, a KeyPlug-linked infrastructure briefly went...

Urgent Security Alert: CISA Warns of Actively Exploited Apple and Microsoft Vulnerabilities Apple vulnerabilities, NTLM hash spoofing

Urgent Security Alert: CISA Warns of Actively Exploited Apple and Microsoft Vulnerabilities

Ddos April 18, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning, adding three new vulnerabilities to its...

Urgent: Yii 2 Vulnerability CVE-2024-58136 Under Active Exploit

Ddos April 14, 2025

A critical security vulnerability, tracked as CVE-2024-58136 (CVSS 9.1), has been uncovered in the popular PHP web...

CISA Warns of Actively Exploited Linux Kernel Vulnerabilities (CVE-2024-53197, CVE-2024-53150) CVE-2024-28986 exploitation SolarWinds Web Help Desk Linux Vulnerability CVE-2024-53197

CVE-2024-28986 exploitation SolarWinds Web Help Desk Linux Vulnerability CVE-2024-53197

CISA Warns of Actively Exploited Linux Kernel Vulnerabilities (CVE-2024-53197, CVE-2024-53150)

Ddos April 10, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning after adding two newly discovered Linux...

Seven Years Later: Cisco CVE-2018-0171 Still Exposes Thousands to RCE Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center