VULNERABILITY 64

• Anomali Cyber Watch - Nimbus Manticore, Spoofed IC3 Portals, a Record-Breaking DDoS Attack, and More Oct 23, 2025
• PoC Exploit Released for Windows Server Update Services Remote Code Execution Vulnerability Oct 20, 2025
• WatchGuard VPN Vulnerability Let Remote Attacker Execute Arbitrary Code Oct 19, 2025
• New Oracle E-Business Suite Bug Could Let Hackers Access Data Without Login Oct 12, 2025
• The Y2K38 Bug Is a Vulnerability, Not Just a Date Problem, Researchers Warn Oct 7, 2025
• 13-year-old Critical Redis RCE Vulnerability Let Attackers Gain Full Access to Host System Oct 7, 2025
• Microsoft Critical GoAnywhere bug exploited in ransomware attacks Oct 6, 2025
• New WireTap Attack Breaks Server SGX to Exfiltrate Sensitive Data Oct 5, 2025
• Critical CVSS 10 Flaw in GoAnywhere File Transfer Threatens 20,000 Systems Sep 25, 2025
• Cisco warns of IOS zero-day vulnerability exploited in attacks Sep 24, 2025
• CISA Details That Hackers Gained Access to a U.S. Federal Agency Network Via GeoServer RCE Vulnerability Sep 24, 2025
• Microsoft Fixed Entra ID Vulnerability Allowing Global Admin Impersonation Sep 23, 2025
• Microsoft Entra ID flaw allowed hijacking any company's tenant Sep 22, 2025
• Google Chrome 0-Day Vulnerability Actively Exploited in the Wild – Patch Now Sep 18, 2025
• How a Plaintext File On Users’ Desktops Exposed Secrets Leads to Akira Ransomware Attacks Sep 17, 2025
• IBM QRadar SIEM Vulnerability Let Attackers Perform Unauthorized Actions Sep 15, 2025
• New HybridPetya Weaponizing UEFI Vulnerability to Bypass Secure Boot on Outdated Systems Sep 12, 2025
• DELMIA Factory Software Vulnerability Exploited in Attacks Sep 12, 2025
• Microsoft Patch Tuesday, September 2025 Edition Sep 9, 2025
• Windows Defender Vulnerability Allows Service Hijacking and Disablement via Symbolic Link Attack Sep 8, 2025
• Severe Hikvision HikCentral Product Flaws What You Need to Know Sep 4, 2025
• CMS Provider Sitecore Patches Exploited Critical Zero Day Sep 4, 2025
• Hidden Commands in Images Exploit AI Chatbots and Steal Data Sep 1, 2025
• Critical Next.js Framework Vulnerability Let Attackers Bypass Authorization Sep 1, 2025
• WhatsApp patches vulnerability exploited in zero-day attacks Aug 29, 2025
• Critical Docker Desktop flaw lets attackers hijack Windows hosts Aug 25, 2025
• Like burglars closing a door, Apache ActiveMQ attackers patch critical vuln after breaking in Aug 19, 2025
• Critical RCE Vulnerability in Cisco Firewall Management Software Under Active Exploitation Aug 15, 2025
• Update WinRAR tools now RomCom and others exploiting zero-day vulnerability Aug 11, 2025
• New Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAP Aug 10, 2025
• OWASP AIVSS targets agentic AI risk Aug 6, 2025
• Critical Vulnerability Impacting Over 100K Sites Patched in Everest Forms Plugin Aug 6, 2025
• SonicWall investigates possible zero-day amid Akira ransomware surge Aug 5, 2025
• Cursor IDE Persistent Code Execution via MCP Trust Bypass Aug 5, 2025
• Critical Vulnerability in NestJS Devtools Localhost RCE via Sandbox Escape Aug 1, 2025
• AI-powered Cursor IDE vulnerable to prompt-injection attacks Aug 1, 2025
• Attackers Actively Exploiting Critical Vulnerability in Alone Theme Jul 29, 2025
• Account Takeover Vulnerability Affecting Over 400K Installations Patched in Post SMTP Plugin Jul 23, 2025
• How We Accidentally Discovered a Remote Code Execution Vulnerability in ETQ Reliance Jul 22, 2025
• BIDI Swap Unmasking the Art of URL Misleading with Bidirectional Text Tricks Jul 22, 2025
• The Internet Red Button a 2016 Bug Still Lets Anyone Kill Solar Farms in 3 Clicks Jul 21, 2025
• Microsoft Fix Targets Attacks on SharePoint Zero-Day Jul 21, 2025
• Flaw in Signal App Clone Could Leak Passwords — GreyNoise Identifies Active Reconnaissance and Exploit Attempts Jul 17, 2025
• Zyxel security advisory for path traversal vulnerability in APs Jul 15, 2025
• eSIM Vulnerability in Kigen's eUICC Cards Exposes Billions of IoT Devices to Malicious Attacks Jul 14, 2025
• Critical RCE Vulnerability in mcp-remote CVE-2025-6514 Threatens LLM Clients Jul 9, 2025
• Count(er) Strike – Data Inference Vulnerability in ServiceNow Jul 9, 2025
• Critical Sudo bugs expose major Linux distros to local Root exploits Jul 4, 2025
• Cl0p cybercrime gang's data exfiltration tool found vulnerable to RCE attacks Jul 2, 2025
• Critical Vulnerability in Microsens Devices Exposes Systems to Hackers Jul 1, 2025
• Zero-day Bluetooth gap turns millions of headphones into listening stations Jun 26, 2025
• Gogs Remote Command Execution Vulnerability (CVE-2024-56731) Jun 26, 2025
• Cisco ISE Vulnerability Allows Remote Attackers to Execute Malicious Commands Jun 26, 2025
• Realtek Bluetooth Flaw Allows Attackers to Launch DoS Attacks During Pairing Jun 25, 2025
• Why a Classic MCP Server Vulnerability Can Undermine Your Entire AI Agent Jun 24, 2025
• Don't panic, but it's only a matter of time before critical 'CitrixBleed 2' is under attack Jun 24, 2025
• Acer Control Center Flaw Lets Attackers Run Malicious Code as Elevated User Jun 13, 2025
• Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction Jun 12, 2025
• EchoLeak Zero-Click AI Attack in Microsoft Copilot Exposes Company Data Jun 12, 2025
• Over 80,000 servers hit as Roundcube RCE bug gets rapidly exploited Jun 11, 2025
• NTLM reflection is dead, long live NTLM reflection! – An in-depth analysis of CVE-2025-33073 Jun 11, 2025
• iMessage Zero-Click Attacks Suspected in Targeting of High-Value Individuals Jun 9, 2025
• Qualcomm fixes three Adreno GPU zero-days exploited in attacks Jun 2, 2025
• Bypassing MTE with CVE-2025-0072 May 23, 2025