active exploitation – Page 2 – Experimental News Clipping Site

Unit 42: Active Exploitation of Microsoft SharePoint Vulnerabilities: Threat Brief

Jul 21, 2025

—

by

Source URL: https://unit42.paloaltonetworks.com/microsoft-sharepoint-cve-2025-49704-cve-2025-49706-cve-2025-53770/ Source: Unit 42 Title: Active Exploitation of Microsoft SharePoint Vulnerabilities: Threat Brief Feedly Summary: Unit 42 has observed an active exploitation of recent Microsoft SharePoint Vulnerabilities. Here’s how you can protect your organization. The post Active Exploitation of Microsoft SharePoint Vulnerabilities: Threat Brief appeared first on Unit 42. AI Summary and Description:…

The Register: CISA warns the Signal clone used by natsec staffers is being attacked, so patch now

Jul 2, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/07/02/cisa_telemessage_patch/ Source: The Register Title: CISA warns the Signal clone used by natsec staffers is being attacked, so patch now Feedly Summary: Two flaws in TeleMessage are ‘frequent attack vectors for malicious cyber actors’ The US security watchdog CISA has warned that malicious actors are actively exploiting two flaws in the Signal clone…

The Register: Don’t panic, but it’s only a matter of time before critical ‘CitrixBleed 2’ is under attack

Jun 24, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/06/24/critical_citrix_bug_citrixbleed/ Source: The Register Title: Don’t panic, but it’s only a matter of time before critical ‘CitrixBleed 2’ is under attack Feedly Summary: Why are you even reading this story? Patch now! Citrix patched a critical vulnerability in its NetScaler ADC and NetScaler Gateway products that is already being compared to the infamous…

The Register: Critical Wazuh bug exploited in growing Mirai botnet infection

Jun 10, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/06/10/critical_wazuh_bug_exploited_in/ Source: The Register Title: Critical Wazuh bug exploited in growing Mirai botnet infection Feedly Summary: The open-source XDR/SIEM provider’s servers are in other botnets’ crosshairs too Cybercriminals are trying to spread multiple Mirai variants by exploiting a critical Wazuh vulnerability, researchers say – the first reported active attacks since the code execution…

The Register: Chinese snoops tried to break into US city utilities, says Talos

May 22, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/05/22/chinese_crew_us_city_utilities/ Source: The Register Title: Chinese snoops tried to break into US city utilities, says Talos Feedly Summary: Intrusions began weeks before Trimble patched the Cityworks hole A suspected Chinese crew has been exploiting a now-patched remote code execution (RCE) flaw in Trimble Cityworks to break into US local government networks and target…

Krebs on Security: Patch Tuesday, May 2025 Edition

May 14, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://krebsonsecurity.com/2025/05/patch-tuesday-may-2025-edition/ Source: Krebs on Security Title: Patch Tuesday, May 2025 Edition Feedly Summary: Microsoft on Tuesday released software updates to fix at least 70 vulnerabilities in Windows and related products, including five zero-day flaws that are already seeing active exploitation. Adding to the sense of urgency with this month’s patch batch from Redmond…

Cloud Blog: Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)

Apr 3, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-exploiting-critical-ivanti-vulnerability/ Source: Cloud Blog Title: Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457) Feedly Summary: Written by: John Wolfram, Michael Edie, Jacob Thompson, Matt Lin, Josh Murchie On Thursday, April 3, 2025, Ivanti disclosed a critical security vulnerability, CVE-2025-22457, impacting Ivanti Connect Secure (“ICS”) VPN appliances version 22.7R2.5 and…

Alerts: CISA Adds One Known Exploited Vulnerability to Catalog

Apr 2, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.cisa.gov/news-events/alerts/2025/04/01/cisa-adds-one-known-exploited-vulnerability-catalog Source: Alerts Title: CISA Adds One Known Exploited Vulnerability to Catalog Feedly Summary: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-24813 Apache Tomcat Path Equivalence Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks…

Alerts: CISA Adds One Known Exploited Vulnerability to Catalog

Mar 31, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.cisa.gov/news-events/alerts/2025/03/31/cisa-adds-one-known-exploited-vulnerability-catalog Source: Alerts Title: CISA Adds One Known Exploited Vulnerability to Catalog Feedly Summary: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-20439 Cisco Smart Licensing Utility Static Credential Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose…

Alerts: CISA Adds One Known Exploited Vulnerability to Catalog

Mar 27, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.cisa.gov/news-events/alerts/2025/03/27/cisa-adds-one-known-exploited-vulnerability-catalog Source: Alerts Title: CISA Adds One Known Exploited Vulnerability to Catalog Feedly Summary: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-2783 Google Chromium Mojo Sandbox Escape Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant…

Tag: active exploitation