Vulnerabilities Archives

SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

Endpoint Security

‘DirtyClone’ Linux Kernel Vulnerability Leads to Root Access

A variant of DirtyFrag, the flaw allows unprivileged local users to manipulate the Linux page cache and gain root privileges.

Ionut Arghire8 hours ago

Artificial Intelligence

Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories

AWS has patched the vulnerability and published its own advisory to inform customers about the potential impact.

Eduard Kovacs3 days ago

ICS/OT

Lantronix Serial-to-IP Converter Flaw Exploited in Attacks After OT Threat Warning

The exploited flaw, CVE-2025-67038, is one of the vulnerabilities disclosed in April as part of the BRIDGE:BREAK research project.

Eduard Kovacs4 days ago

Vulnerabilities

GitLab Patches Code Execution, Information Disclosure Vulnerabilities

The latest GitLab CE/EE updates address 13 vulnerabilities, including three high-severity defects.

Ionut Arghire4 days ago

Vulnerabilities

Another Critical Vulnerability Patched in SAP Commerce

On Tuesday, as part of its April 2021 Security Patch Day, SAP announced the release of 14 new security notes and 5 updates to...

Ionut ArghireApril 14, 2021

ICS/OT

Siemens Releases Several Advisories for ‘NAME:WRECK’ Vulnerabilities

Siemens released a total of 14 new advisories on Tuesday, including five describing the impact and remediations for the NAME:WRECK vulnerabilities disclosed on the...

Eduard KovacsApril 14, 2021

ICS/OT

At Least 100 Million Devices Affected by “NAME:WRECK” DNS Flaws in TCP/IP Stacks

Popular TCP/IP stacks are affected by a series of Domain Name System (DNS) vulnerabilities that could be exploited to take control of impacted devices,...

Ionut ArghireApril 14, 2021

Application Security

MS Patch Tuesday: NSA Reports New Critical Exchange Flaws

Just weeks after a wave of major in-the-wild zero-day attacks against Exchange Server installations globally, Microsoft is raising a fresh alarm for four new...

Ryan NaraineApril 13, 2021

Vulnerabilities

Adobe Patches Critical Code Execution Vulnerabilities in Photoshop, Bridge

Adobe on Tuesday announced patches for vulnerabilities in four of its products, including critical code execution flaws affecting Photoshop and Bridge.

Eduard KovacsApril 13, 2021

Vulnerabilities

Exploit Released for Critical Vulnerability Affecting QNAP NAS Devices

An exploit is now publicly available for a remote code execution vulnerability affecting QNAP network-attached storage (NAS) devices that run the Surveillance Station video...

Ionut ArghireApril 13, 2021

Vulnerabilities

PoC Exploit Released for Unpatched Flaw Affecting Chromium-Based Browsers

A researcher has made public a proof-of-concept (PoC) exploit for a recently discovered vulnerability affecting Chrome, Edge and other Chromium-based web browsers.

Eduard KovacsApril 13, 2021

Application Security

Joker Android Trojan Lands in Huawei AppGallery App Store

Ten variants of the Joker Android Trojan managed to slip into the Huawei AppGallery app store and were downloaded by more than 538,000 users,...

Ionut ArghireApril 12, 2021

Application Security

Unearthing the ‘Attackability’ of Vulnerabilities that Attract Hackers

Vulnerability management is largely about patch management: finding, triaging and patching the most critical vulnerabilities in your environment. Each aspect of this process presents...

Kevin TownsendApril 12, 2021

Vulnerabilities

Zerodium Offering $300,000 for WordPress Exploits

Exploit acquisition company Zerodium announced last week that it’s temporarily offering $300,000 for high-impact WordPress exploits.

Eduard KovacsApril 12, 2021

Application Security

Microsoft Open-Sources ‘CyberBattleSim’ Enterprise Environment Simulator

Microsoft this week announced the open source availability of Python code for “CyberBattleSim,” a research toolkit that supports simulating complex computer systems.

Ionut ArghireApril 9, 2021

Application Security

CISA Releases Tool to Detect Microsoft 365 Compromise

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has released a new tool to help with the detection of potential...

Ionut ArghireApril 9, 2021

Application Security

Pwn2Own 2021 Participants Earn Over $1.2 Million for Their Exploits

The Pwn2Own 2021 hacking competition has come to an end, with participants earning more than $1.2 million — more than ever paid out at...

Eduard KovacsApril 9, 2021

Application Security

Cisco Patches Critical Flaw in SD-WAN vManage

Cisco this week announced patches for tens of vulnerabilities across its product portfolio, including a critical severity issue impacting the SD-WAN vManage software.

Ionut ArghireApril 8, 2021

Cyberwarfare

Cost of Sandboxing Prompts Shift to Memory-Safe Languages. A Little Too Late?

NEWS ANALYSIS: Google’s decision to promote Rust for low-level Android programming is another sign that the shelf-life for memory corruption mitigations are no match...

Ryan NaraineApril 8, 2021

Supply Chain Security

Library Dependencies and the Open Source Supply Chain Nightmare

It’s a bigger problem than is immediately apparent, and has the potential for hacks as big as Equifax and as widespread as SolarWinds.

Kevin TownsendApril 8, 2021

Cybercrime

Cring Ransomware Targets Industrial Organizations

Cring ransomware operators are exploiting an old path traversal vulnerability in the FortiOS SSL VPN web portal to gain access to enterprise networks, Kaspersky...

Ionut ArghireApril 8, 2021

Vulnerabilities

$200,000 Awarded for Zero-Click Zoom Exploit at Pwn2Own

Two researchers earned $200,000 on the second day of the Pwn2Own 2021 hacking competition for a Zoom exploit allowing remote code execution without user...

Eduard KovacsApril 8, 2021

Network Security

Vulnerability in ‘Domain Time II’ Could Lead to Server, Network Compromise

A vulnerability residing in the “Domain Time II” network time solution can be exploited in Man-on-the-Side (MotS) attacks, cyber-security firm GRIMM warned on Tuesday.

Ionut ArghireApril 8, 2021

Application Security

Report: Supplier Impersonation Attacks a Major Risk

Threat actors are leveraging the supply chain to deliver various types of threats to organizations, and few of them are spared from such attacks,...

Ionut ArghireApril 7, 2021

Page 171 of 425« First ‹ Previous 167 168 169 170171172 173 174 175 Next ›Last »

Webinar: Why Email Security Keeps Failing (And What Has to Change)

July 8, 2026

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Virtual Event: 2026 Cloud Security Summit

July 16, 2026

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

SECURITYWEEK NETWORK:

ICS:

Endpoint Security

‘DirtyClone’ Linux Kernel Vulnerability Leads to Root Access

Artificial Intelligence

Amazon Q Flaw Enabled Cloud Credential Theft via Malicious Repositories

ICS/OT

Lantronix Serial-to-IP Converter Flaw Exploited in Attacks After OT Threat Warning

Vulnerabilities

GitLab Patches Code Execution, Information Disclosure Vulnerabilities

Vulnerabilities

Another Critical Vulnerability Patched in SAP Commerce

ICS/OT

Siemens Releases Several Advisories for ‘NAME:WRECK’ Vulnerabilities

ICS/OT

At Least 100 Million Devices Affected by “NAME:WRECK” DNS Flaws in TCP/IP Stacks

Application Security

MS Patch Tuesday: NSA Reports New Critical Exchange Flaws

Vulnerabilities

Adobe Patches Critical Code Execution Vulnerabilities in Photoshop, Bridge

Vulnerabilities

Exploit Released for Critical Vulnerability Affecting QNAP NAS Devices

Vulnerabilities

PoC Exploit Released for Unpatched Flaw Affecting Chromium-Based Browsers

Application Security

Joker Android Trojan Lands in Huawei AppGallery App Store

Application Security

Unearthing the ‘Attackability’ of Vulnerabilities that Attract Hackers

Vulnerabilities

Zerodium Offering $300,000 for WordPress Exploits

Application Security

Microsoft Open-Sources ‘CyberBattleSim’ Enterprise Environment Simulator

Application Security

CISA Releases Tool to Detect Microsoft 365 Compromise

Application Security

Pwn2Own 2021 Participants Earn Over $1.2 Million for Their Exploits

Application Security

Cisco Patches Critical Flaw in SD-WAN vManage

Cyberwarfare

Cost of Sandboxing Prompts Shift to Memory-Safe Languages. A Little Too Late?

Supply Chain Security

Library Dependencies and the Open Source Supply Chain Nightmare

Cybercrime

Cring Ransomware Targets Industrial Organizations

Vulnerabilities

$200,000 Awarded for Zero-Click Zoom Exploit at Pwn2Own

Network Security

Vulnerability in ‘Domain Time II’ Could Lead to Server, Network Compromise

Application Security

Report: Supplier Impersonation Attacks a Major Risk

Daily Briefing Newsletter

Trending

Webinar: Why Email Security Keeps Failing (And What Has to Change)

Virtual Event: 2026 Cloud Security Summit

People on the move

Expert Insights

When Information Becomes the Attack Surface – Understanding AI Agent Traps

What the Latest ShinyHunters Breaches Reveal About Modern Cyberattacks

No Exploits Required

After AI Reaches Production: 12 Ways Security Teams Can Take Control

Everybody Is Vibe Coding But Nobody Told the Security Team

Daily Briefing Newsletter