News Targeted

News

Articles tagged with exploit

Windows-08-04-25.png

Windows CLFS zero-day exploited by ransomware gang

Category: Microsoft|Apr 8, 2025 | Author: Admin

Microsoft says the RansomEXX ransomware gang has been exploiting a high-severity zero-day flaw in the Windows Common Log File System to gain SYSTEM privileges on victims' systems. [more]

CrushFTP_headpic-01-04-25.png

Critical auth bypass bug in CrushFTP now exploited in attacks

Category: IT|Apr 1, 2025 | Author: Admin

Attackers are now targeting a critical authentication bypass vulnerability in the CrushFTP file transfer software using exploits based on publicly available proof-of-concept code. [more]

wordpress-27-03-25.png

The 4 WordPress flaws hackers targeted the most in Q1 2025

Category: IT|Mar 27, 2025 | Author: Admin

A new report sheds light on the most targeted WordPress plugin vulnerabilities hackers used in the first quarter of 2025 to compromise sites. [more]

0_Parallels-24-02-25.png

Exploits for unpatched Parallels Desktop flaw give root on Macs

Category: IT|Feb 24, 2025 | Author: Admin

Two different exploits for an unpatched Parallels Desktop privilege elevation vulnerability have been publicly disclosed, allowing users to gain root access on impacted Mac devices. [more]

craft-cms-header-w-21-02-25.png

CISA flags Craft CMS code injection flaw as exploited in attacks

Category: IT|Feb 21, 2025 | Author: Admin

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns that a Craft CMS remote code execution flaw is being exploited in attacks. [more]

Palo-Alto-Networks-15-02-25.png

Hackers exploit authentication bypass in Palo Alto Networks PAN-OS

Category: IT|Feb 15, 2025 | Author: Admin

Hackers are launching attacks against Palo Alto Networks PAN-OS firewalls by exploiting a recently fixed vulnerability (CVE-2025-0108) that allows bypassing authentication. [more]

Fortinet-vulnerability-27-12-24.png

Fortinet warns of FortiWLM bug giving hackers admin privileges

Category: IT|Dec 27, 2024 | Author: Admin

Fortinet has disclosed a critical vulnerability in Fortinet Wireless Manager (FortiWLM) that allows remote attackers to take over devices by executing unauthorized code or commands through specially crafted web requests. [more]

Windows-16-12-24.png

Windows kernel bug now exploited in attacks to gain SYSTEM privileges

Category: Microsoft|Dec 16, 2024 | Author: Admin

CISA has warned U.S. federal agencies to secure their systems against ongoing attacks targeting a high-severity Windows kernel vulnerability. [more]

hacker-12-12-24.png

Cleo patches critical zero-day exploited in data theft attacks

Category: IT|Dec 12, 2024 | Author: Admin

Cleo has released security updates for a zero-day flaw in its LexiCom, VLTransfer, and Harmony software, which is currently exploited in data theft attacks. [more]

io-data-logo-04-12-24.png

Japan warns of IO-Data zero-day router flaws exploited in attacks

Category: IT|Dec 4, 2024 | Author: Admin

Japan's CERT is warning that hackers are exploiting zero-day vulnerabilities in I-O Data router devices to modify device settings, execute commands, or even turn off the firewall. [more]

Exchange_Online-28-11-24.png

Microsoft re-releases Exchange updates after fixing mail delivery

Category: Microsoft|Nov 28, 2024 | Author: Admin

​Microsoft has re-released the November 2024 security updates for Exchange Server after pulling them earlier this month due to email delivery issues on servers using custom mail flow rules. [more]

CISA-red-flare-26-11-24.png

Hackers exploit critical bug in Array Networks SSL VPN products

Category: IT|Nov 26, 2024 | Author: Admin

America's cyber defense agency has received evidence of hackers actively exploiting a remote code execution vulnerability in SSL VPN products Array Networks AG and vxAG ArrayOS. [more]

CISA-19-11-24.png

CISA tags Progress Kemp LoadMaster flaw as exploited in attacks

Category: General|Nov 19, 2024 | Author: Admin

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three new flaws in its Known Exploited Vulnerabilities (KEV) catalog, including a critical OS command injection impacting Progress Kemp LoadMaster. [more]

hacker-looking-at-screens-05-11-24.png

Massive PSAUX ransomware attack targets 22,000 CyberPanel instances

Category: IT|Nov 5, 2024 | Author: Admin

Article updated to add information from CyberPanel developer and with information on free decryptor. [more]

Lazarus-1-25-10-24.png

Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day

Category: Google|Oct 25, 2024 | Author: Admin

The North Korean Lazarus hacking group exploited a Google Chrome zero-day tracked as CVE-2024-4947 through a fake decentralized finance (DeFi) game targeting individuals in the cryptocurrency space. [more]

back-2-23-10-24.png

Over 6,000 WordPress hacked to install plugins pushing infostealers

Category: IT|Oct 23, 2024 | Author: Admin

WordPress sites are being hacked to install malicious plugins that display fake software updates and errors to push information-stealing malware. [more]

solarwinds-22-10-24.png

SolarWinds Web Help Desk flaw is now exploited in attacks

Category: IT|Oct 22, 2024 | Author: Admin

CISA has added three flaws to its 'Known Exploited Vulnerabilities' (KEV) catalog, among which is a critical hardcoded credentials flaw in SolarWinds Web Help Desk (WHD) that the vendor fixed in late August 2024. [more]

ivanti-24-09-24.png

Critical Ivanti vTM auth bypass bug now exploited in attacks

Category: IT|Sep 24, 2024 | Author: Admin

CISA has tagged another critical Ivanti security vulnerability, which can let threat actors create rogue admin users on vulnerable Virtual Traffic Manager (vTM) appliances, as actively exploited in attacks. [more]

Ivanti-13-08-24.png

Ivanti warns of critical vTM auth bypass with public exploit

Category: IT|Aug 13, 2024 | Author: Admin

​Today, Ivanti urged customers to patch a critical authentication bypass vulnerability impacting Virtual Traffic Manager (vTM) appliances that can let attackers create rogue administrator accounts. [more]

arget-zvhhkivur9m-unsplash.jpg

This Windows 11 Wi-Fi vulnerability shows the importance of keeping your PC up to date

Category: Microsoft|Jun 25, 2024 | Author: Admin

Microsoft has recently confirmed the existence of CVE-2024-30078, which is a new Wi-Fi takeover attack that could allow malicious users to inject malware onto a Windows PC or laptop remotely. This vulnerability wasn't originally publicly disclosed and is now patched with an up-to-date... [more]

Fortra_GoAnywhere_MFT_headpic.png

Exploit released for Fortra GoAnywhere MFT auth bypass bug

Category: IT|Jan 25, 2024 | Author: Admin

Exploit code is now available for a critical authentication bypass vulnerability in Fortra's GoAnywhere MFT (Managed File Transfer) software that allows attackers to create new admin users on unpatched instances via the administration portal. [more]

rbMTYHKg3jzHg8WMTMmEhF-650-80.png

WinRAR has a major security bug, and you have to install its fix manually

Category: IT|Oct 20, 2023 | Author: Admin

Attackers can utilize a bug to execute code on your PC when you open zipped files. [more]


Linux-14-05-25.png

Microsoft fixes Linux boot issues on dual-boot Windows systems

Category: Microsoft|May 14, 2025 | Author: Admin
Windows_11-13-05-25.png

Windows 11 upgrade block lifted after Safe Exam Browser fix

Category: Microsoft|May 13, 2025 | Author: Admin
bluetooth-12-05-25.png

Bluetooth 6.1 enhances privacy with randomized RPA timing

Category: IT|May 12, 2025 | Author: Admin
ChatGPT-22-05-25.png

ChatGPT is finally adding Download as PDF for Deep Research

Category: IT|May 11, 2025 | Author: Admin
Microsoft-Teams-10-05-25.png

Microsoft Teams will soon block screen capture during meetings

Category: Microsoft|May 10, 2025 | Author: Admin
cryptocurrency-header-09-05-25.png

Germany takes down eXch cryptocurrency exchange, seizes servers

Category: IT|May 9, 2025 | Author: Admin
Discord-08-05-25.png

Malicious PyPi package hides RAT malware, targets Discord devs since 2022

Category: IT|May 8, 2025 | Author: Admin
WordPress-headpic-07-05-25.png

Hackers exploit OttoKit WordPress plugin flaw to add admin accounts

Category: IT|May 7, 2025 | Author: Admin
apache-header-image-06-05-25.png

Apache Parquet exploit tool detect servers vulnerable to critical flaw

Category: IT|May 6, 2025 | Author: Admin
co-op-05-05-25.png

Co-op confirms data theft after DragonForce ransomware claims attack

Category: IT|May 5, 2025 | Author: Admin
magecart-04-05-25.png

Magento supply chain attack compromises hundreds of e-stores

Category: IT|May 4, 2025 | Author: Admin
Microsoft_logo-03-05-25.png

Microsoft ends Authenticator password autofill, moves users to Edge

Category: Microsoft|May 3, 2025 | Author: Admin
TikTok-02-05-25.png

TikTok fined €530 million for sending European user data to China

Category: IT|May 2, 2025 | Author: Admin
Image-1-mai-2025-23_44_29-01-05-25.png

1. mai – En dag for solidaritet, samhold og kamp for rettferdighet

Category: Norge|May 1, 2025 | Author: Admin
cloudflare-ddos-30-04-25.png

Cloudflare mitigates record number of DDoS attacks in 2025

Category: IT|Apr 30, 2025 | Author: Admin
more