active exploitation – Experimental News Clipping Site

The Register: CISA sounds alarm over TP-Link wireless routers under attack

Sep 8, 2025

—

by

Source URL: https://www.theregister.com/2025/09/08/infosec_in_brief/ Source: The Register Title: CISA sounds alarm over TP-Link wireless routers under attack Feedly Summary: Plus: Google clears up Gmail concerns, NSA drops SBOM bomb, Texas sues PowerSchool, and more Infosec in brief The US Cybersecurity and Infrastructure Security Agency (CISA) has said two flaws in routers made by Chinese networking biz…

The Register: Critical, make-me-super-user SAP S/4HANA bug under active exploitation

Sep 5, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/09/05/critical_sap_s4hana_bug_exploited/ Source: The Register Title: Critical, make-me-super-user SAP S/4HANA bug under active exploitation Feedly Summary: 9.9-rated flaw on the loose, so patch now A critical code-injection bug in SAP S/4HANA that allows low-privileged attackers to take over your SAP system is being actively exploited, according to security researchers.… AI Summary and Description: Yes…

Slashdot: Frostbyte10 Bugs Put Thousands of Refrigerators At Major Grocery Chains At Risk

Sep 3, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://it.slashdot.org/story/25/09/02/209250/frostbyte10-bugs-put-thousands-of-refrigerators-at-major-grocery-chains-at-risk?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Frostbyte10 Bugs Put Thousands of Refrigerators At Major Grocery Chains At Risk Feedly Summary: AI Summary and Description: Yes Summary: The text discusses significant vulnerabilities in Copeland controllers, essential for managing refrigeration systems used by large supermarkets and cold storage companies. Identified as Frostbyte10, these flaws risk causing severe…

The Register: Citrix patches trio of NetScaler bugs – after attackers beat them to it

Aug 26, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/26/citrix_patches_trio_of_netscaler/ Source: The Register Title: Citrix patches trio of NetScaler bugs – after attackers beat them to it Feedly Summary: Criminals already abusing its latest zero-days Citrix has pushed out fixes for three fresh NetScaler holes – and yes, they’ve already been used in the wild before the vendor got around to patching.……

The Register: Trend Micro offers weak workaround for already-exploited critical vuln in management console

Aug 10, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/10/infosec_in_brief/ Source: The Register Title: Trend Micro offers weak workaround for already-exploited critical vuln in management console Feedly Summary: PLUS: Crypto mixer founders plead guilty; Another French telco hacked; Meta fights WhatsApp scams; And more! Infosec In Brief A critical vulnerability in the on-prem version of Trend Micro’s Apex One endpoint security platform…

Schneier on Security: Microsoft SharePoint Zero-Day

Jul 28, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.schneier.com/blog/archives/2025/07/microsoft-sharepoint-zero-day.html Source: Schneier on Security Title: Microsoft SharePoint Zero-Day Feedly Summary: Chinese hackers are exploiting a high-severity vulnerability in Microsoft SharePoint to steal data worldwide: The vulnerability, tracked as CVE-2025-53770, carries a severity rating of 9.8 out of a possible 10. It gives unauthenticated remote access to SharePoint Servers exposed to the Internet.…

Unit 42: Active Exploitation of Microsoft SharePoint Vulnerabilities: Threat Brief

Jul 21, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/microsoft-sharepoint-cve-2025-49704-cve-2025-49706-cve-2025-53770/ Source: Unit 42 Title: Active Exploitation of Microsoft SharePoint Vulnerabilities: Threat Brief Feedly Summary: Unit 42 has observed an active exploitation of recent Microsoft SharePoint Vulnerabilities. Here’s how you can protect your organization. The post Active Exploitation of Microsoft SharePoint Vulnerabilities: Threat Brief appeared first on Unit 42. AI Summary and Description:…

The Register: CISA warns the Signal clone used by natsec staffers is being attacked, so patch now

Jul 2, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/07/02/cisa_telemessage_patch/ Source: The Register Title: CISA warns the Signal clone used by natsec staffers is being attacked, so patch now Feedly Summary: Two flaws in TeleMessage are ‘frequent attack vectors for malicious cyber actors’ The US security watchdog CISA has warned that malicious actors are actively exploiting two flaws in the Signal clone…

The Register: Don’t panic, but it’s only a matter of time before critical ‘CitrixBleed 2’ is under attack

Jun 24, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/06/24/critical_citrix_bug_citrixbleed/ Source: The Register Title: Don’t panic, but it’s only a matter of time before critical ‘CitrixBleed 2’ is under attack Feedly Summary: Why are you even reading this story? Patch now! Citrix patched a critical vulnerability in its NetScaler ADC and NetScaler Gateway products that is already being compared to the infamous…

The Register: Critical Wazuh bug exploited in growing Mirai botnet infection

Jun 10, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/06/10/critical_wazuh_bug_exploited_in/ Source: The Register Title: Critical Wazuh bug exploited in growing Mirai botnet infection Feedly Summary: The open-source XDR/SIEM provider’s servers are in other botnets’ crosshairs too Cybercriminals are trying to spread multiple Mirai variants by exploiting a critical Wazuh vulnerability, researchers say – the first reported active attacks since the code execution…

Tag: active exploitation