ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Fortinet confirms silent patch for FortiWeb zero-day exploited in attacks
Fortinet has silently patched a critical zero-day vulnerability in its FortiWeb web application firewall, which is now being widely exploited. [...]
Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks
Cybersecurity researchers have uncovered critical remote code execution vulnerabilities impacting major artificial intelligence (AI) inference engines, including those from Meta, Nvidia, Microsoft, and open-source PyTorc
Millions of sites at risk from Imunify360 critical flaw exploit
A vulnerability affecting Imunify360 lets attackers run code via malicious file uploads, risking millions of websites. A vulnerability in ImunifyAV/Imunify360 allows attackers to upload malicious files to shared servers
NVIDIA NeMo Framework Vulnerabilities Allows Code Injection and Privilege Escalation
NVIDIA has issued a critical security update addressing two high-severity vulnerabilities in its NeMo Framework that could allow attackers to execute malicious code and escalate privileges on affected systems. The vulner
Critical FortiWeb flaw under attack, allowing complete compromise
A Fortinet FortiWeb auth-bypass flaw is being actively exploited, allowing attackers to hijack admin accounts and fully compromise devices. Researchers warn of an authentication bypass flaw in Fortinet FortiWeb WAF that
Multiple vulnerabilities in Cisco Unified CCX Allow Attackers to Execute Arbitrary Commands
Cisco has released security updates to address two critical vulnerabilities in Unified Contact Center Express (Unified CCX) that could allow unauthenticated attackers to execute arbitrary commands with root privileges an
ASUS warns of critical auth bypass flaw in DSL series routers
ASUS has released new firmware to patch a critical authentication bypass security flaw impacting several DSL series router models. [...]
Critical Imunify360 AV Vulnerability Exposes 56 Million+ Linux-hosted Websites to RCE Attacks
A severe remote code execution (RCE) vulnerability has been discovered in Imunify360 AV, a widely used malware scanner protecting approximately 56 million websites. The security flaw, recently patched by CloudLinux, allo
Cl0P Ransomware Group Allegedly Claims Breach of Entrust in Oracle 0-Day EBS Hack
The notorious Cl0P ransomware group has claimed responsibility for breaching digital security firm Entrust, exploiting a critical zero-day vulnerability in Oracle E-Business Suite (EBS). The attack, tied to CVE-2025-6188
Critical Fortinet FortiWeb Vulnerability Exploited in the Wild to Admin Accounts
A critical vulnerability in Fortinet’s FortiWeb Web Application Firewall (WAF) is being actively exploited by threat actors, potentially as a zero-day attack vector. The flaw, which enables unauthenticated attackers to g
FortiWeb Authentication Bypass Vulnerability Exploited – Script to Detect Vulnerable Appliances
Threat actors are actively exploiting a critical authentication bypass vulnerability in Fortinet’s FortiWeb web application firewall (WAF) worldwide, prompting defenders to heighten vigilance. Researchers at watchTowr La
Multiple GitLab Vulnerabilities Let Attackers Inject Malicious Prompts to Steal Sensitive Data
GitLab has released urgent security patches addressing multiple vulnerabilities affecting both the Community Edition and the Enterprise Edition. The company released versions 18.5.2, 18.4.4, and 18.3.6 to fix critical se
Popular Android-based photo frames download malware on boot
Uhale Android-based digital picture frames come with multiple critical security vulnerabilities and some of them download and execute malware at boot time. [...]
Multiple Kibana Vulnerabilities Enables SSRF and XSS Attacks
Elastic Security has disclosed critical vulnerabilities affecting Kibana that could enable attackers to execute Server-Side Request Forgery (SSRF) and Cross-Site Scripting (XSS) attacks against vulnerable deployments. Th
Critical WatchGuard Firebox Vulnerability Exploited in Attacks
Tracked as CVE-2025-9242 (CVSS score of 9.3), the flaw leads to unauthenticated, remote code execution on vulnerable firewalls. The post Critical WatchGuard Firebox Vulnerability Exploited in Attacks appeared first on Se
Palo Alto PAN-OS Firewall Vulnerability Let Attackers Reboot Firewall by Sending Malicious Packet
Palo Alto Networks has disclosed a critical denial-of-service vulnerability in its PAN-OS firewall software that allows unauthenticated attackers to remotely reboot firewalls by sending specially crafted packets. Tracked
Cisco ISE, CitrixBleed 2 Vulnerabilities Exploited as Zero-Days: Amazon
Amazon has seen a threat actor exploiting CVE-2025-20337 and CVE-2025-5777, two critical Cisco and Citrix vulnerabilities, as zero-days. The post Cisco ISE, CitrixBleed 2 Vulnerabilities Exploited as Zero-Days: Amazon ap
Critical Dell Data Lakehouse Vulnerability Let Remote Attacker Escalate Privileges
Dell Technologies has disclosed a critical security vulnerability in its Data Lakehouse platform that could allow remote attackers to escalate privileges and compromise system integrity. The flaw, tracked as CVE-2025-466
CISA Flags Critical WatchGuard Fireware Flaw Exposing 54,000 Fireboxes to No-Login Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting WatchGuard Fireware to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active
CISA Warns of Federal Agencies Not Fully Patching Actively Exploited Cisco ASA or Firepower Devices
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding federal agencies. Failing to properly patch Cisco Adaptive Security Appliances (ASA) and Firepower Threat Defense (FTD) de