Category: Vulnerability News
-
CVE-2025-8088 – WinRAR 0-Day Path Traversal Vulnerability Exploited to Execute Malware
A zero-day vulnerability in WinRAR allows malware to be deployed on unsuspecting users’ systems, highlighting the ongoing threats to popular software. Tracked as CVE-2025-8088, this path traversal flaw affects the Windows version of the widely used file archiving tool, enabling attackers to execute arbitrary…
-
New Windows 0-Click NTLM Credential Leakage Vulnerability Bypasses Microsoft’s Patch
A critical zero-click NTLM credential leakage vulnerability circumvents Microsoft’s recent patch for CVE-2025-24054. The newly identified flaw, assigned CVE-2025-50154, allows attackers to extract NTLM hashes from fully patched Windows systems without any user interaction, demonstrating that Microsoft’s April security update was incomplete…
-
FortiOS, FortiProxy, and FortiPAM Auth Bypass Vulnerability Allows Attackers to Gain Full Control
A high-severity authentication bypass vulnerability affects multiple Fortinet security products, including FortiOS, FortiProxy, and FortiPAM. The flaw, designated CVE-2024-26009 with a CVSS score of 7.9, enables unauthenticated attackers to seize complete control of managed devices through exploitation of the FortiGate-to-FortiManager…
-
Multiple Chrome High-Severity Vulnerabilities Let Attackers Execute Arbitrary Code
Google Chrome has released a critical security update addressing six vulnerabilities that could potentially enable arbitrary code execution on affected systems. The stable channel update to version 139.0.7258.127/.128 for Windows and Mac, and 139.0.7258.127 for Linux, contains patches for multiple high-severity security flaws that pose significant…
-
Apache bRPC Vulnerability Allows Attackers to Crash the Service via Network
A severe vulnerability in Apache bRPC has been discovered that allows attackers to crash services over the network, affecting all versions prior to 1.14.1. The vulnerability, identified as CVE-2025-54472 with an “important” severity classification, stems from unlimited memory allocation in the Redis protocol parser component…
-
WinRAR 0-Day in Phishing Attacks to Deploy RomCom Malware
A critical zero-day vulnerability has been identified in WinRAR that cybercriminals are actively exploiting through sophisticated phishing campaigns to distribute RomCom malware. The flaw, designated as CVE-2025-8088, represents a significant security threat with a CVSS v3.1 score of 8.4, enabling attackers to execute arbitrary code on…
-
GPT-5 Jailbroken With Echo Chamber and Storytelling Attacks
Researchers have compromised OpenAI’s latest GPT-5 model using sophisticated echo chamber and storytelling attack vectors, revealing critical vulnerabilities in the company’s most advanced AI system. The breakthrough demonstrates how adversarial prompt engineering can bypass even the most robust safety mechanisms, raising serious concerns about enterprise deployment readiness…
-
7-Zip Arbitrary File Write Vulnerability Let Attackers Execute Arbitrary Code
A newly disclosed security vulnerability in the popular 7-Zip file compression software has raised significant concerns in the cybersecurity community. CVE-2025-55188, discovered and reported by security researcher Landon on August 9, 2025, allows attackers to perform arbitrary file writes during archive extraction, potentially leading to…
-
New ‘Win-DoS’ Zero-Click Vulnerabilities Turn Windows Server/Endpoint, Domain Controllers Into DDoS Botnet
LAS VEGAS — At the DEF CON 33 security conference, researchers Yair and Shahak Morag of SafeBreach Labs unveiled a new class of denial-of-service (DoS) attacks, dubbed the “Win-DoS Epidemic.” The duo presented their findings, which include four new Windows DoS vulnerabilities and…
-
ChatGPT Connectors ‘0-click’ Vulnerability Let Attackers Exfiltrate Data From Google Drive
A critical vulnerability in OpenAI’s ChatGPT Connectors feature allows attackers to exfiltrate sensitive data from connected Google Drive accounts without any user interaction beyond the initial file sharing. The attack, dubbed “AgentFlayer,” represents a new class of zero-click exploits targeting AI-powered enterprise tools. The…
-
ECScape: Exploiting ECS Protocol on EC2 to Exfiltrate Cross-Task IAM and Execution Role Credentials
A sophisticated technique dubbed “ECScape” allows malicious containers running on Amazon Elastic Container Service (ECS) to steal AWS credentials from other containers sharing the same EC2 instance. The discovery highlights critical isolation weaknesses in multi-tenant ECS deployments and underscores the…
-
CISA Releases Emergency Advisory Urges Feds to Patch Exchange Server Vulnerability by Monday
CISA has issued an emergency advisory directing all Federal Civilian Executive Branch agencies to urgently mitigate a newly disclosed Microsoft Exchange hybrid-joined vulnerability, tracked as CVE-2025-53786, by 9:00 AM EDT on Monday, August 11, 2025. The flaw enables attackers who have already…
-
HTTP/1.1 Fatal Vulnerability Exposes Millions of Websites to Hostile Takeover
A critical vulnerability in the HTTP/1.1 protocol threatens tens of millions of websites with potential hostile takeovers through sophisticated desynchronization attacks. This fundamental flaw in the decades-old protocol creates extreme ambiguity about where one request ends and the next begins, enabling attackers to manipulate web…
-
Gemini Exploited via Prompt Injection in Google Calendar Invite to Steal Emails, and Control Smart Devices
A sophisticated attack method exploits Google’s Gemini AI assistant through seemingly innocent calendar invitations and emails. The attack, dubbed “Targeted Promptware Attacks,” demonstrates how indirect prompt injection can compromise users’ digital privacy and even control physical devices in their…
-
Critical Trend Micro Apex One Management RCE Vulnerability Actively Exploited in the wild
Critical command injection remote code execution (RCE) vulnerabilities in the Trend Micro Apex One Management Console are currently being actively exploited by threat actors. The company confirmed observing at least one instance of attempted exploitation in production environments, prompting the immediate release of…
-
Critical Android System Component Vulnerability Allows Remote Code Execution Without User Interaction
Google released its August 2025 Android Security Bulletin on August 4, revealing a critical vulnerability that poses significant risks to Android device users worldwide. The most severe flaw, designated CVE-2025-48530, affects the core System component and could enable remote code execution without requiring…
-
WAF Protection Bypassed to Execute XSS Payloads Using JS Injection with Parameter Pollution
A sophisticated method bypasses Web Application Firewall (WAF) protections using HTTP Parameter Pollution techniques combined with JavaScript injection. The research, conducted by Bruno Mendes across 17 different WAF configurations from major vendors including AWS, Google Cloud, Azure, and Cloudflare, revealed alarming…
-
NestJS Framework Vulnerability Let Attackers Execute Arbitrary Code on Developers’ Machines
A critical security vulnerability has been discovered in the NestJS framework’s development tools that enables remote code execution (RCE) attacks against JavaScript developers. The flaw, identified as CVE-2025-54782, affects the @nestjs/devtools-integration package and allows malicious websites to execute arbitrary code on developers’ local machines…
-
SonicWall Firewall Devices 0-day Vulnerability Actively Exploited by Akira Ransomware
A suspected zero-day vulnerability in SonicWall firewall devices is being actively exploited by the Akira ransomware group. The flaw allows attackers to gain initial access to corporate networks through SonicWall’s SSL VPN feature, leading to subsequent ransomware deployment. In late July 2025, security researchers observed a…
-
Critical CrushFTP 0-Day RCE Vulnerability Technical Details and PoC Released
A significant zero-day vulnerability in CrushFTP has been disclosed, allowing unauthenticated attackers to achieve complete remote code execution on vulnerable servers. The flaw, tracked as CVE-2025-54309 and scoring a critical 9.8 on the CVSS scale, stems from a fundamental breakdown in security checks within CrushFTP’s…
-
OAuth2-Proxy Vulnerability Enables Authentication Bypass by Manipulating Query Parameters
A critical security vulnerability has been identified in OAuth2-Proxy, a widely-used reverse proxy that provides authentication services for Google, Azure, OpenID Connect, and numerous other identity providers. The vulnerability, designated as CVE-2025-54576, enables attackers to bypass authentication mechanisms by manipulating query parameters in crafted URLs, potentially…
-
CISA Warns of PaperCut RCE Vulnerability Exploited in Attacks
CISA has issued an urgent warning regarding a critical vulnerability in PaperCut NG/MF print management software that threat actors are actively exploiting in ransomware campaigns. The vulnerability, tracked as CVE-2023-2533, represents a significant security risk to organizations worldwide using the affected software versions…
-
Critical macOS ‘Sploitlight’ Vulnerability Let Attackers Steal Private Data of Files Bypassing TCC
A critical macOS vulnerability enables attackers to bypass Transparency, Consent, and Control (TCC) protections and steal sensitive user data, including files from protected directories and Apple Intelligence caches. The vulnerability, dubbed “Sploitlight,” exploits Spotlight plugins to access normally protected information without user consent,…
-
LG Innotek Camera Vulnerabilities Let Attackers Gain Administrative Access
A serious security vulnerability has been discovered in LG Innotek’s LNV5110R camera model that could allow cybercriminals to gain complete administrative control over affected devices. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory on July 24, 2025, warning of a remotely exploitable flaw…
-
Microsoft Releases Mitigations and Threat Hunting Queries for SharePoint Zero-Day
Thousands of organizations worldwide face active cyberattacks targeting Microsoft SharePoint servers through two critical vulnerabilities, prompting urgent government warnings and emergency patches. Microsoft confirmed over the weekend that threat actors are actively exploiting two zero-day vulnerabilities in on-premises SharePoint servers, designated CVE-2025-53770 and CVE-2025-53771. The…
-
New 7-Zip Vulnerability Enables Weaponized RAR5 File to Crash Your System
A critical memory corruption vulnerability in the popular file archiver 7-Zip has been discovered that allows attackers to trigger denial of service conditions by crafting malicious RAR5 archive files. The vulnerability, tracked as CVE-2025-53816 and designated GHSL-2025-058, affects all versions of 7-Zip prior to…
-
SharePoint 0-Day RCE Vulnerability Actively Exploited in the Wild to Gain Full Server Access
A sophisticated cyberattack campaign targeting Microsoft SharePoint servers has been discovered exploiting a newly weaponized vulnerability chain dubbed “ToolShell,” enabling attackers to gain complete remote control over vulnerable systems without authentication. Eye Security, a Dutch cybersecurity firm, identified the active exploitation…
-
Grafana Vulnerabilities Allow User Redirection to Malicious Sites and Code Execution in Dashboards
Two significant Grafana vulnerabilities could allow attackers to redirect users to malicious websites and execute arbitrary JavaScript code. The vulnerabilities, identified as CVE-2025-6023 and CVE-2025-6197, affect multiple versions of Grafana, including the 12.0.x, 11.6.x, 11.5.x, 11.4.x, and 11.3.x branches. Both security flaws…
-
CISA Warns of Fortinet FortiWeb SQL Injection Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Fortinet FortiWeb vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation of the SQL injection flaw in cyberattacks worldwide. The vulnerability, tracked as CVE-2025-25257, affects Fortinet’s FortiWeb web application firewall…
-
Microsoft Entra ID Vulnerability Let Attackers Escalate Privileges to Global Admin Role
A critical vulnerability in Microsoft Entra ID allows attackers to escalate privileges to the Global Administrator role through the exploitation of first-party applications. The vulnerability, reported to Microsoft Security Response Center (MSRC) in January 2025, affects organizations using hybrid Active Directory environments with…
-
GPUHammer – First Rowhammer Attack Targeting NVIDIA GPUs
Cybersecurity researchers at the University of Toronto have achieved a breakthrough in hardware-level attacks by successfully demonstrating GPUHammer, the first Rowhammer attack specifically targeting discrete NVIDIA GPUs. The research, which focuses on the popular NVIDIA A6000 GPU with GDDR6 memory, represents a significant expansion of the decade-old…
-
CISA Warns of FortiOS Hard-Coded Credentials Vulnerability Exploited in Attacks
CISA has issued a critical warning regarding a Fortinet FortiOS vulnerability that poses significant risks to network security infrastructure. On June 25, 2025, CISA added CVE-2019-6693 to its Known Exploited Vulnerabilities (KEV) catalog, indicating that this hard-coded credentials flaw is being actively exploited in real-world…
-
Firefox 140 Released With Fix for Code Execution Vulnerability – Update Now
Mozilla has released Firefox 140, addressing multiple critical security vulnerabilities, including a high-impact use-after-free vulnerability that could lead to code execution. The update patches twelve distinct security flaws ranging from memory safety issues to platform-specific vulnerabilities affecting both desktop and mobile versions of…
-
WhatsApp Banned on U.S. House Staffers Devices Due to Potential Security Risks
Summary
1. The U.S. House Chief Administrative Officer banned WhatsApp from all government-issued devices used by congressional staffers, including mobile, desktop, and web browser versions.
2. The ban was implemented due to concerns about lack of transparency in data protection, absence of stored…
-
Amazon EKS Vulnerabilities Expose Sensitive AWS Credentials and Escalate Privileges
Summary
1. Overprivileged containers can steal AWS credentials by targeting the 169.254.170.23:80 endpoint through packet sniffing and API spoofing attacks.
2. Attackers use tcpdump to intercept plaintext traffic or manipulate network settings to deploy fake HTTP servers that capture authorization tokens.
3. Amazon considers this…
-
Threat Actor Allegedly Selling FortiGate API Exploit Tool Targeting FortiOS
A threat actor has reportedly put up for sale a sophisticated FortiGate API exploit tool on a dark web marketplace, igniting significant concern within the cybersecurity community. The tool, which is being marketed for a price of $12,000 and comes with escrow services to facilitate…
-
Critical OpenVPN Driver Vulnerability Allows Attackers to Crash Windows Systems
Summary
1. A critical OpenVPN Windows driver flaw (CVE-2025-50054) allowed local attackers to crash systems.
2. The vulnerability enabled denial-of-service attacks but did not expose user data.
3. OpenVPN 2.7_alpha2 fixes the issue and improves Windows support.
4. Users should update promptly and restrict driver…
-
Critical Linux Privilege Escalation Vulnerabilities Let Attackers Gain Full Root Access
Two critical, interconnected flaws, CVE-2025-6018 and CVE-2025-6019, enable unprivileged attackers to achieve root access on major Linux distributions. Affecting millions worldwide, these vulnerabilities pose a severe security emergency that demands immediate patching. The first vulnerability exploits PAM configuration weaknesses in SUSE systems, while the…
-
Graphite Spyware Exploits Apple iOS Zero-Click Vulnerability to Attack Journalists
The advanced Graphite mercenary spyware, developed by Paragon, targets journalists through a sophisticated zero-click vulnerability in Apple’s iOS. At least three European journalists have been confirmed as targets, with two cases forensically verified. The spyware exploited a zero-day vulnerability in iOS that allowed attackers to compromise…
-
CISA Warns of Erlang/OTP SSH Server RCE Vulnerability Exploited in Attacks
CISA has issued an urgent warning regarding a critical vulnerability in Erlang/OTP SSH servers that is being actively exploited in the wild. The vulnerability, tracked as CVE-2025-32433, enables attackers to achieve unauthenticated remote code execution on affected systems, prompting its immediate addition to CISA’s…
-
SAP June 2025 Patch Day – 14 Vulnerabilities Patched Across Multiple Products
SAP released its monthly Security Patch Day update addressing 14 critical vulnerabilities across multiple enterprise products. The comprehensive security update includes patches addressing critical authorization bypass issues and cross-site scripting vulnerabilities, with CVSS scores ranging from 3.0 to 9.6. Organizations using SAP enterprise…
-
PoC Exploit Released for Fortinet 0-Day Vulnerability that Allows Remote Code Execution
A new proof-of-concept (PoC) exploit for a critical zero-day vulnerability affecting multiple Fortinet products raises urgent concerns about the security of enterprise network infrastructure. The vulnerability, tracked as CVE-2025-32756, carries a maximum CVSS score of 9.8 and enables unauthenticated remote code execution through…
-
Splunk Enterprise XSS Vulnerability Let Attackers Execute Unauthorized JavaScript Code
A significant security vulnerability in the Splunk Enterprise platform could allow low-privileged attackers to execute unauthorized JavaScript code through a reflected Cross-Site Scripting (XSS) flaw. The vulnerability, tracked as CVE-2025-20297, affects multiple versions of Splunk Enterprise and Splunk Cloud Platform, prompting the company to issue…
-
Microsoft OneDrive File Picker Vulnerability Exposes Users’ Entire Cloud Storage to Websites
A critical security flaw in Microsoft’s OneDrive File Picker has exposed millions of users to unauthorized data access, allowing third-party web applications to gain complete access to users’ entire OneDrive storage rather than just selected files. Security researchers from Oasis Security reported on…
-
VMware ESXi, Firefox, Red Hat Linux & SharePoint 0-Day Vulnerabilities Exploited – Pwn2Own Day 2
Security researchers uncovered critical zero-day vulnerabilities across major enterprise platforms during the second day of Pwn2Own Berlin 2025, earning a staggering $435,000 in bounties. The competition, hosted at the OffensiveCon conference, witnessed successful exploits against VMware ESXi, Microsoft SharePoint, Mozilla…
-
Microsoft to Offer Rewards Up to $30,000 for AI Vulnerabilities
Microsoft has launched an expanded bug bounty program offering rewards of up to $30,000 for researchers who identify critical vulnerabilities in AI systems within its Dynamics 365 and Power Platform products. The initiative, announced by Microsoft Security Response, aims to strengthen security in enterprise AI…
-
1000+ Unique IPs Attacking Ivanti Connect Secure Systems to Exploit Vulnerabilities
A significant increase in suspicious scanning activity is targeting Ivanti Connect Secure (ICS) and Ivanti Pulse Secure (IPS) VPN systems, signaling a potential coordinated reconnaissance effort by threat actors. The spike, registering more than 230 unique IP addresses probing ICS/IPS endpoints in a single day,…
-
Zyxel Patches Privilege Management Vulnerabilities in USG FLEX H Series Firewalls
Zyxel Networks has released critical security patches to address two high-severity vulnerabilities in its USG FLEX H series firewalls that could potentially allow attackers to escalate privileges and gain unauthorized access to affected devices. The security advisory, published on April 22, 2025, details the…
-
100,000+ Installed WordPress Plugin Critical Vulnerability Exploited Within 4 Hours of Disclosure
A severe vulnerability in the popular WordPress plugin SureTriggers has been actively exploited within just four hours of its public disclosure on April 10, 2025. The critical authentication bypass flaw affects all versions of the plugin up to 1.0.78, which has over 100,000…
-
Apache Roller Vulnerability Let Attackers Gain Unauthorized Access
A critical security vulnerability in Apache Roller has been discovered, allowing attackers to maintain unauthorized access to blog systems even after password changes. The vulnerability, CVE-2025-24859, has received the highest possible CVSS v4 score of 10, indicating severe risk to affected systems. The security flaw stems from…
-
Google Groups File Attachment Restrictions Bypassed via Email Posting
A significant security vulnerability has been identified in Google Groups, allowing users to circumvent file attachment restrictions by simply sending emails to group addresses. This broken access control issue potentially impacts thousands of organizations that rely on Google Groups for controlled information sharing and collaboration. Ph.Hitachi…
-
Chinese Hackers Exploit Ivanti VPN Vulnerabilities to Infiltrate Organizations
A China-linked advanced persistent threat (APT) group has exploited critical vulnerabilities in Ivanti Connect Secure VPN appliances to infiltrate organizations across 12 countries and 20 industries, cybersecurity firm TeamT5 revealed in a report shared with Cyber Security News. The campaign, active since late March 2025, leverages…
-
VMware ESXi 8.0 Update 3e Released for Free, What’s New!
Broadcom has officially reintroduced the free version of VMware ESXi with the release of ESXi 8.0 Update 3e (Build 24674464) on April 10, 2025. This marks a significant policy reversal after Broadcom discontinued the free ESXi offering following its acquisition of VMware, a move that…
-
Bitdefender GravityZone Console PHP Vulnerability Let Attackers Execute Arbitrary Commands
A critical security vulnerability has been discovered in Bitdefender GravityZone Console that could allow remote attackers to execute arbitrary commands on affected systems. The flaw, tracked as CVE-2025-2244, has a CVSS score of 9.5. It stems from an insecure PHP deserialization issue that poses significant…
-
CISA Warns of ESURGE Malware Exploiting Ivanti RCE Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a Malware Analysis Report (MAR-25993211-r1.v1) detailing the exploitation of a critical vulnerability in Ivanti Connect Secure devices (CVE-2025-0282). This vulnerability allows attackers to gain unauthorized access and deploy sophisticated malware variants, including the newly identified RESURGE and…
-
CISA Warns of Fortinet FortiOS Authentication Bypass Vulnerability Exploited in Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert highlighting a significant vulnerability in Fortinet’s FortiOS and FortiProxy systems, which threat actors are actively exploiting. The authentication bypass vulnerability, tracked as CVE-2025-24472, has been added to CISA’s Known Exploited Vulnerabilities…
-
Google Released Open Source Version of OSV-Scanner Tool for Vulnerability Scanning
Google has officially launched OSV-Scanner V2.0.0, a major upgrade to its open-source vulnerability scanning tool. Released on March 17, 2025, this new version represents a significant evolution in helping developers identify and fix security vulnerabilities in their software dependencies. The V2 release builds upon…
-
Critical Apache Tomcat RCE Vulnerability Exploited in Just 30hrs of Public Exploit
Security researchers have confirmed that a critical remote code execution (RCE) vulnerability in Apache Tomcat, tracked as CVE-2025-24813, is being actively exploited in the wild. The vulnerability, which enables attackers to take control of servers with a simple PUT request, was disclosed last…
-
Cisco Warns of IOS XR Software Vulnerability That Let Attackers Trigger DoS condition
Cisco has issued security advisories for multiple vulnerabilities affecting its IOS XR Software, with particular emphasis on a significant memory corruption vulnerability in the Border Gateway Protocol (BGP) confederation implementation. The vulnerability, tracked as CVE-2025-20115 with a CVSS score of 8.6, could…
-
Critical ruby-saml Vulnerabilities Let Attackers Bypass Authentication
Two critical authentication bypass vulnerabilities have been discovered in the ruby-saml library, potentially exposing numerous web applications to account takeover attacks. Security researchers from GitHub Security Lab have identified parser differential vulnerabilities (CVE-2025-25291 and CVE-2025-25292) affecting ruby-saml versions up to 1.17.0, which could allow attackers to impersonate any…
-
AMD Microcode Signature Verification Vulnerability Let Attackers Load Malicious Patches
Security researchers have uncovered a critical vulnerability in AMD Zen CPUs that allows attackers with elevated privileges to load malicious microcode patches, bypassing cryptographic signature checks. Dubbed “EntrySign,” this flaw stems from AMD’s use of the AES-CMAC algorithm as a hash function during microcode validation, a…
-
Exim Mail Transfer Vulnerability Let Attackers Inject Malicious SQL Queries
Security researchers have uncovered a critical SQL injection vulnerability (CVE-2025-26794) in Exim, the widely-used mail transfer agent (MTA) that powers over 60% of internet mail servers. The flaw enables authenticated attackers to execute arbitrary SQL commands through specially crafted ETRN SMTP transactions when specific configuration…
-
PoC Exploit Released for F5 BIG-IP Command Injection Vulnerability
Security researchers have released proof-of-concept (PoC) exploit code for CVE-2025-20029, a high-severity command injection vulnerability affecting F5’s BIG-IP application delivery controllers. The flaw, which carries a CVSS v3.1 score of 8.8, enables authenticated attackers to execute arbitrary system commands through improper neutralization of special elements in…
-
Indian Post Office Portal Exposed Thousands of KYC Records With Username & Mobile Number
The Indian Post Office portal was found vulnerable to an Insecure Direct Object Reference (IDOR) attack, exposing sensitive Know Your Customer (KYC) data of thousands of users. This breach highlights the critical need for robust security measures in government-operated digital platforms,…
-
SonicWall Firewall Authentication Bypass Vulnerability Exploited in Wild Following PoC Release
A critical authentication bypass vulnerability in SonicWall firewalls, tracked as CVE-2024-53704, is now being actively exploited in the wild, cybersecurity firms warn. The surge in attacks follows the public release of proof-of-concept (PoC) exploit code on February 10, 2025, by researchers at Bishop Fox,…
-
PostgreSQL Terminal Tool Injection Vulnerability Allows Remote Code Execution
Researchers have uncovered a high-severity SQL injection vulnerability, CVE-2025-1094, affecting PostgreSQL’s interactive terminal tool, psql. This flaw was identified during research into the exploitation of CVE-2024-12356, a remote code execution (RCE) vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products. The discovery highlights…
-
WinZip Vulnerability Let Remote Attackers Execute Arbitrary Code
A newly disclosed high-severity vulnerability in WinZip, tracked as CVE-2025-1240, enables remote attackers to execute arbitrary code on affected systems by exploiting malformed 7Z archive files. The flaw, rated 7.8 on the CVSS scale, impacts WinZip 28.0 (Build 16022) and earlier versions, requiring users to update to…
-
Path Confusion in Nginx/Apache Leads to Critical Auth Bypass in PAN-OS
Palo Alto Networks has recently disclosed a critical vulnerability in its PAN-OS network security operating system, tracked as CVE-2025-0108, which allows attackers to bypass authentication on the management web interface. This vulnerability, with a CVSSv3.1 score of 7.8, exposes affected systems to significant threats…
-
Amazon Machine Image Name Confusion Attack Let Attackers Publish Resource
Researchers uncovered a critical vulnerability in Amazon Web Services (AWS) involving Amazon Machine Images (AMIs). Dubbed the “whoAMI” attack, this exploit leverages a name confusion attack, a subset of supply chain attacks, to gain unauthorized code execution within AWS accounts. The vulnerability arises from misconfigured…
-
KASLR Exploited: Breaking macOS Apple Silicon Kernel Hardening Techniques
Security researchers from Korea University have unveiled a new vulnerability in macOS systems running on Apple Silicon processors. Dubbed “SysBumps,” this attack successfully circumvents Kernel Address Space Layout Randomization (KASLR), a critical security mechanism designed to protect kernel memory from exploitation. The findings, presented at the…
-
Remote Desktop Manager Vulnerabilities Let Attackers Intercept Encrypted Communications
Devolutions has disclosed critical vulnerabilities in its Remote Desktop Manager (RDM) software, which could allow attackers to intercept and modify encrypted communications through man-in-the-middle (MITM) attacks. These flaws stem from improper certificate validation across all platforms and have been assigned high-severity CVE identifiers. CVE-2025-1193 Improper Host…
-
Ivanti Connect Secure Vulnerabilities Let Attackers Execute Code Remotely
Ivanti has disclosed a critical vulnerability, CVE-2025-22467, impacting its Connect Secure (ICS) product. This stack-based buffer overflow vulnerability, rated 9.9 (Critical) on the CVSS v3.1 scale, allows remote authenticated attackers to execute arbitrary code on affected systems. The flaw is present in versions up to 22.7R2.5…
-
BeyondTrust Zero-Day Breach – 17 SaaS Customers API Key Compromised
BeyondTrust, a leading identity and access management firm, disclosed a critical security breach impacting 17 customers of its Remote Support SaaS platform. The breach was attributed to the exploitation of zero-day vulnerabilities and has since been linked to the China-based hacking group Silk Typhoon. While…
-
D-Link Routers Vulnerability Let Attackers Gain Full Router Control Remotely
A critical unauthenticated Remote Code Execution (RCE) vulnerability affects D-Link DSL-3788 routers, allowing attackers to acquire complete control over the router remotely. The flaw is present in firmware versions v1.01R1B036_EU_EN and below. This vulnerability was reported by Max Bellia of SECURE NETWORK BVTECH.…
-
Windows Vulnerability in COM Objects Trigger RCE To Control The Systems Remotely
James Forshaw of Google Project Zero has shed light on a significant security vulnerability in Windows related to accessing trapped COM objects through the IDispatch interface. This research highlights an intriguing bug class that exploits cross-process communication features in object-oriented remoting technologies like…
-
VMware Aria Operations Vulnerabilities Let Attackers Perform Admin Operations
Broadcom has addressed multiple vulnerabilities in its VMware Aria Operations for Logs and VMware Aria Operations products. These vulnerabilities, identified as CVE-2025-22218, CVE-2025-22219, CVE-2025-22220, CVE-2025-22221, and CVE-2025-22222, pose significant risks, including unauthorized access to sensitive data and privilege escalation. The vulnerabilities affect the following VMware products:…
-
New Docker 1-Click RCE Attack Exploits Misconfigured API Settings
A newly disclosed attack method targeting Docker installations has raised significant security concerns among developers and system administrators. The vulnerability leverages a misconfigured Docker Engine API setting, allowing attackers to achieve remote code execution (RCE) with minimal user interaction. While Docker’s default settings are secure, enabling…