Mobile & Wireless: Apple Patches First Exploited iOS Zero-Day of 2025. Apple has released fixes for dozens of vulnerabilities in its mobile and desktop products, including an iOS zero-day exploited in attacks. (Ionut Arghire, January 28, 2025)
Vulnerabilities: Git Vulnerabilities Led to Credentials Exposure. Vulnerabilities in Git’s credential retrieval protocol could have allowed attackers to compromise user credentials. (Ionut Arghire, January 27, 2025)
Vulnerabilities: CISA Warns of Old jQuery Vulnerability Linked to Chinese APT. CISA has added the jQuery flaw CVE-2020-11023, previously linked to APT1, to its Known Exploited Vulnerabilities (KEV) catalog. (Eduard Kovacs, January 24, 2025)
Vulnerabilities: Hackers Earn $886,000 at Pwn2Own Automotive 2025 for Charger, OS, Infotainment Exploits. Pwn2Own Automotive 2025 has come to an end and participants have earned a total of $886,000 for exploits targeting EV chargers and infotainment systems. (Eduard Kovacs, January 24, 2025)
Vulnerabilities: Cisco Patches Critical Vulnerability in Meeting Management. Cisco has released patches for three vulnerabilities, including a critical privilege escalation bug and a DoS flaw for which exploit code exists. (Ionut Arghire, January 23, 2025)
Vulnerabilities: SonicWall Learns From Microsoft About Potentially Exploited Zero-Day. SonicWall has credited Microsoft for reporting CVE-2025-23006, a critical remote command execution vulnerability possibly exploited in the wild. (Eduard Kovacs, January 23, 2025)
Vulnerabilities: Over $380,000 Paid Out on First Day of Pwn2Own Automotive 2025. $380,000 paid out on the first day of Pwn2Own Automotive 2025 for exploits targeting car infotainment units, operating systems, and chargers. (Eduard Kovacs, January 22, 2025)
Vulnerabilities: Oracle Patches 200 Vulnerabilities With January 2025 CPU. Oracle has released 318 new security patches to address roughly 200 unique CVEs as part of its January 2025 Critical Patch Update. (Ionut Arghire, January 22, 2025)
IoT Security: Details Disclosed for Mercedes-Benz Infotainment Vulnerabilities. Kaspersky has disclosed the details of over a dozen vulnerabilities discovered in a Mercedes-Benz MBUX infotainment system. (Eduard Kovacs, January 20, 2025)
Vulnerabilities: Vulnerabilities in SimpleHelp Remote Access Software May Lead to System Compromise. Three vulnerabilities in SimpleHelp could allow attackers to compromise the remote access software’s server and the client machine. (Ionut Arghire, January 17, 2025)
Network Security: Millions of Internet Hosts Vulnerable to Attacks Due to Tunneling Protocol Flaws. New research shows that over 4 million systems on the internet, including VPN servers and home routers, are vulnerable to attacks due to tunneling... (Eduard Kovacs, January 16, 2025)
Email Security: Google OAuth Flaw Leads to Account Takeover When Domain Ownership Changes. A vulnerability in Google’s OAuth implementation allows takeover of old employee accounts when domain ownership changes. (Ionut Arghire, January 15, 2025)