Government
MITRE warns of a deterioration of national vulnerability databases and advisories, slowed vendor reaction and limited response operations.
Hi, what are you looking for?
SecurityWeek
Cloud Security
VMware patches flaws that expose users to data leakage, command execution and denial-of-service attacks. No temporary workarounds available.
Vulnerabilities
The Likely Exploited Vulnerabilities (LEV) equations can help augment KEV- and EPSS-based remediation prioritization.
Vulnerabilities
Pwn2Own participants demonstrated exploits against VMs, AI, browsers, servers, containers, and operating systems.
Vulnerabilities
Pwn2Own participants have earned tens of thousands of dollars for Red Hat, Windows, Oracle VirtualBox, Docker Desktop, and AI exploits.
Artificial Intelligence
Trend Micro researchers flagging problems with Nvidia’s patch for a critical, code execution vulnerability in the Nvidia Container Toolkit.
Malware & Threats
A threat actor claims to offer a zero-day exploit for an unauthenticated remote code execution vulnerability in Fortinet firewalls.
Incident Response
The CVE-2025-22457 has already been exploited by a China-nexus hacking gang notorious for breaking into edge network devices.
Vulnerabilities
A vulnerability in the OttoKit WordPress plugin with over 100,000 active installations has been exploited in the wild.
Vulnerabilities
SonicWall has released fixes for three vulnerabilities in NetExtender for Windows, including a high-severity bug.
Vulnerabilities
Juniper Networks has patched two dozen vulnerabilities in Junos OS and Junos OS Evolved, and dozens of flaws in Junos Space third-party dependencies.
Vulnerabilities
CISA has added fresh CentreStack and Windows CLFS vulnerabilities to the Known Exploited Vulnerabilities catalog.
Vulnerabilities
Ivanti, VMware, and Zoom released fixes for dozens of vulnerabilities in their products on April 2025 Patch Tuesday.
Vulnerabilities
Fortinet fixes a critical-severity bug in FortiSwitch that could allow an attacker to modify administrative passwords.
Malware & Threats
Patch Tuesday: Microsoft ships urgent cover for another WIndows CLFS vulnerability already exploited in the wild.
Malware & Threats
The Adobe Patch Tuesday rollout covers 54 vulnerabilities, including code execution issues in the oft-targeted Adobe ColdFusion software.