Tag: Exposures
-
Alerts: CISA Adds One Known Exploited Vulnerability to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2025/02/05/cisa-adds-one-known-exploited-vulnerability-catalog Source: Alerts Title: CISA Adds One Known Exploited Vulnerability to Catalog Feedly Summary: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-53104 Linux Kernel Out-of-Bounds Write Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to…
-
Alerts: CISA Adds Four Known Exploited Vulnerabilities to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2025/02/04/cisa-adds-four-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Four Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-45195 Apache OFBiz Forced Browsing Vulnerability CVE-2024-29059 Microsoft .NET Framework Information Disclosure Vulnerability CVE-2018-9276 Paessler PRTG Network Monitor OS Command Injection Vulnerability CVE-2018-19410 Paessler PRTG Network…
-
Hacker News: OWASP Non-Human Identities Top 10
Source URL: https://owasp.org/www-project-non-human-identities-top-10/2025/ Source: Hacker News Title: OWASP Non-Human Identities Top 10 Feedly Summary: Comments AI Summary and Description: Yes Summary: The OWASP Non-Human Identity (NHI) Top 10 – 2025 project outlines significant risks associated with non-human identities, which are increasingly prevalent in development environments. It emphasizes the need for developers to understand these risks…
-
Slashdot: Sensitive DeepSeek Data Was Exposed to the Web, Cybersecurity Firm Says
Source URL: https://it.slashdot.org/story/25/02/01/0659255/sensitive-deepseek-data-was-exposed-to-the-web-cybersecurity-firm-says Source: Slashdot Title: Sensitive DeepSeek Data Was Exposed to the Web, Cybersecurity Firm Says Feedly Summary: AI Summary and Description: Yes Summary: A report from cybersecurity firm Wiz highlights a significant data exposure incident involving the Chinese AI startup DeepSeek. Sensitive data, including digital software keys and user chat logs, was left…
-
Alerts: CISA Adds One Known Exploited Vulnerability to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2025/01/29/cisa-adds-one-known-exploited-vulnerability-catalog Source: Alerts Title: CISA Adds One Known Exploited Vulnerability to Catalog Feedly Summary: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation, as confirmed by Fortinet. CVE-2025-24085 Apple Multiple Products Use-After-Free Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors…
-
Alerts: CISA Adds One Known Exploited Vulnerability to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2025/01/24/cisa-adds-one-known-exploited-vulnerability-catalog Source: Alerts Title: CISA Adds One Known Exploited Vulnerability to Catalog Feedly Summary: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-23006 SonicWall SMA1000 Appliances Deserialization Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks…