Tag: active exploitation
-
Microsoft Security Blog: Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability
Source URL: https://www.microsoft.com/en-us/security/blog/2025/10/06/investigating-active-exploitation-of-cve-2025-10035-goanywhere-managed-file-transfer-vulnerability/ Source: Microsoft Security Blog Title: Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability Feedly Summary: Storm-1175, a financially motivated actor known for deploying Medusa ransomware and exploiting public-facing applications for initial access, was observed exploiting the deserialization vulnerability in GoAnywhere MFT’s License Servlet, tracked as CVE-2025-10035. We are publishing this…
-
Unit 42: Threat Insights: Active Exploitation of Cisco ASA Zero Days
Source URL: https://unit42.paloaltonetworks.com/zero-day-vulnerabilities-affect-cisco-software/ Source: Unit 42 Title: Threat Insights: Active Exploitation of Cisco ASA Zero Days Feedly Summary: CVE-2025-20333, CVE-2025-20362 and CVE-2025-20363 affect multiple Cisco products, and are being exploited by a threat actor linked to the ArcaneDoor campaign. The post Threat Insights: Active Exploitation of Cisco ASA Zero Days appeared first on Unit 42.…
-
Slashdot: Google Shifts Android Security Updates To Risk-Based Triage System
Source URL: https://tech.slashdot.org/story/25/09/15/1444225/google-shifts-android-security-updates-to-risk-based-triage-system?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Google Shifts Android Security Updates To Risk-Based Triage System Feedly Summary: AI Summary and Description: Yes Summary: Google has initiated a significant alteration in its Android security update strategy by introducing a “Risk-Based Update System.” This system prioritizes high-risk vulnerabilities for immediate attention while deferring routine fixes, which may…
-
The Register: CISA sounds alarm over TP-Link wireless routers under attack
Source URL: https://www.theregister.com/2025/09/08/infosec_in_brief/ Source: The Register Title: CISA sounds alarm over TP-Link wireless routers under attack Feedly Summary: Plus: Google clears up Gmail concerns, NSA drops SBOM bomb, Texas sues PowerSchool, and more Infosec in brief The US Cybersecurity and Infrastructure Security Agency (CISA) has said two flaws in routers made by Chinese networking biz…
-
The Register: Critical, make-me-super-user SAP S/4HANA bug under active exploitation
Source URL: https://www.theregister.com/2025/09/05/critical_sap_s4hana_bug_exploited/ Source: The Register Title: Critical, make-me-super-user SAP S/4HANA bug under active exploitation Feedly Summary: 9.9-rated flaw on the loose, so patch now A critical code-injection bug in SAP S/4HANA that allows low-privileged attackers to take over your SAP system is being actively exploited, according to security researchers.… AI Summary and Description: Yes…
-
The Register: Citrix patches trio of NetScaler bugs – after attackers beat them to it
Source URL: https://www.theregister.com/2025/08/26/citrix_patches_trio_of_netscaler/ Source: The Register Title: Citrix patches trio of NetScaler bugs – after attackers beat them to it Feedly Summary: Criminals already abusing its latest zero-days Citrix has pushed out fixes for three fresh NetScaler holes – and yes, they’ve already been used in the wild before the vendor got around to patching.……