Experimental News Clipping Site

Tag: day vulnerability

  • The Register: Critical PostgreSQL bug tied to zero-day attack on US Treasury

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/02/14/postgresql_bug_treasury/ Source: The Register Title: Critical PostgreSQL bug tied to zero-day attack on US Treasury Feedly Summary: High-complexity bug unearthed by infoseccers, as Rapid7 probes exploit further A high-severity SQL injection bug in the PostgreSQL interactive tool was exploited alongside the zero-day used to break into the US Treasury in December, researchers say.……

  • Krebs on Security: Microsoft Patch Tuesday, February 2025 Edition

    by

    Kurt Seifried
    in

    Source URL: https://krebsonsecurity.com/2025/02/microsoft-patch-tuesday-february-2025-edition/ Source: Krebs on Security Title: Microsoft Patch Tuesday, February 2025 Edition Feedly Summary: Microsoft today issued security updates to fix at least 56 vulnerabilities in its Windows operating systems and supported software, including two zero-day flaws that are being actively exploited. AI Summary and Description: Yes **Summary:** Microsoft has issued crucial updates…

  • Slashdot: Apple Fixes Zero-Day Exploited In ‘Extremely Sophisticated’ Attacks

    by

    Kurt Seifried
    in

    Source URL: https://apple.slashdot.org/story/25/02/10/217213/apple-fixes-zero-day-exploited-in-extremely-sophisticated-attacks?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Apple Fixes Zero-Day Exploited In ‘Extremely Sophisticated’ Attacks Feedly Summary: AI Summary and Description: Yes Summary: Apple has issued urgent security updates for iOS 18.3.1 and iPadOS 18.3.1 to fix a critical zero-day vulnerability exploited in sophisticated targeted attacks. The flaw compromised the USB Restricted Mode, critical for data…

  • Hacker News: U.S. Government Disclosed 39 Zero-Day Vulnerabilities in 2023, First-Ever Report

    by

    Kurt Seifried
    in

    Source URL: https://www.zetter-zeroday.com/u-s-government-disclosed-39-zero-day-vulnerabilities-in-2023-per-first-ever-report/ Source: Hacker News Title: U.S. Government Disclosed 39 Zero-Day Vulnerabilities in 2023, First-Ever Report Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses the U.S. government’s disclosure of zero-day vulnerabilities through its Vulnerabilities Equities Process (VEP) in 2023. It highlights a significant shift in the level of transparency around…

  • The Register: Patch procrastination leaves 50,000 Fortinet firewalls vulnerable to zero-day

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/21/fortinet_firewalls_still_vulnerable/ Source: The Register Title: Patch procrastination leaves 50,000 Fortinet firewalls vulnerable to zero-day Feedly Summary: Seven days after disclosure and little action taken, data shows Fortinet customers need to get with the program and apply the latest updates as nearly 50,000 management interfaces are still vulnerable to the latest zero-day exploit.… AI…

  • The Register: Fortinet: FortiGate config leaks are genuine but misleading

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/17/fortinet_fortigate_config_leaks/ Source: The Register Title: Fortinet: FortiGate config leaks are genuine but misleading Feedly Summary: Competition hots up with Ivanti over who can have the worst start to a year Fortinet has confirmed that previous analyses of records leaked by the Belsen Group are indeed genuine FortiGate configs stolen during a zero-day raid…

  • The Register: Miscreants ‘mass exploited’ Fortinet firewalls, ‘highly probable’ zero-day used

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/14/miscreants_mass_exploited_fortinet_firewalls/ Source: The Register Title: Miscreants ‘mass exploited’ Fortinet firewalls, ‘highly probable’ zero-day used Feedly Summary: Ransomware ‘not off the table,’ Arctic Wolf threat hunter tells El Reg Miscreants running a “mass exploitation campaign" against Fortinet firewalls, which peaked in December, may be using an unpatched zero-day vulnerability to compromise the equipment, according…

  • The Register: Nominet probes network intrusion linked to Ivanti zero-day exploit

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/01/13/nominet_ivanti_zero_day/ Source: The Register Title: Nominet probes network intrusion linked to Ivanti zero-day exploit Feedly Summary: Unauthorized activity detected, but no backdoors found UK domain registrar Nominet is investigating a potential intrusion into its network related to the latest Ivanti zero-day exploits.… AI Summary and Description: Yes Summary: Nominet, the UK domain registrar,…

  • Slashdot: Hackers Are Exploiting a New Ivanti VPN Security Bug To Hack Into Company Networks

    by

    Kurt Seifried
    in

    Source URL: https://it.slashdot.org/story/25/01/09/1535218/hackers-are-exploiting-a-new-ivanti-vpn-security-bug-to-hack-into-company-networks?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Hackers Are Exploiting a New Ivanti VPN Security Bug To Hack Into Company Networks Feedly Summary: AI Summary and Description: Yes Summary: Ivanti has disclosed a critical zero-day vulnerability (CVE-2025-0282) in its widely utilized enterprise VPN appliance, which has been exploited to infiltrate the networks of corporate customers. This…