Security News

Perforce Puppet update accelerates vulnerability remediation
2025-04-22 13:59

Perforce Software announced its latest platform update for Puppet Enterprise Advanced, designed to streamline DevSecOps practices and fortify enterprise security postures. This release...

Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan
2025-04-21 16:42

Cybersecurity researchers have flagged a new malicious campaign related to the North Korean state-sponsored threat actor known as Kimsuky that exploits a now-patched vulnerability impacting...

SonicWall SMA100 vulnerability exploited by attackers (CVE-2021-20035)
2025-04-18 11:35

CVE-2021-20035, an old vulnerability affecting SonicWall Secure Mobile Access (SMA) 100 series appliances, is being exploited by attackers. SonicWall confirmed it by updating the original security...

CVE fallout: The splintering of the standard vulnerability tracking system has begun
2025-04-18 09:54

MITRE, EUVD, GCVE … WTF? The splintering of the global system for identifying and tracking security bugs in technology products has begun.…

Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)
2025-04-17 12:24

CVE-2025-24054, a Windows NTLM hash disclosure vulnerability that Microsoft issued patches for last month, has been leveraged by threat actors in campaigns targeting government and private...

Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution
2025-04-17 10:32

A critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform (OTP) SSH implementation that could permit an attacker to execute arbitrary code sans any authentication...

CISA Flags Actively Exploited Vulnerability in SonicWall SMA Devices
2025-04-17 05:44

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting SonicWall Secure Mobile Access (SMA) 100 Series gateways to its Known Exploited...

Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence
2025-04-15 13:44

A critical security vulnerability has been disclosed in the Apache Roller open-source, Java-based blogging server software that could allow malicious actors to retain unauthorized access even...

Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability
2025-04-15 04:39

A recently disclosed security flaw in Gladinet CentreStack also impacts its Triofox remote access and collaboration solution, according to Huntress, with seven different organizations compromised...

AI Vulnerability Finding
2025-04-11 11:04

Microsoft is reporting that its AI systems are able to find new vulnerabilities in source code: Microsoft discovered eleven vulnerabilities in GRUB2, including integer and buffer overflows in...