Vulnerabilities FreeType Zero-Day Found by Meta Exploited in Paragon Spyware Attacks WhatsApp told SecurityWeek that it linked the exploited FreeType vulnerability CVE-2025-27363 to a Paragon exploit. Eduard KovacsJune 20, 2025
Vulnerabilities Linux Security: New Flaws Allow Root Access, CISA Warns of Old Bug Exploitation Qualys has disclosed two Linux vulnerabilities that can be chained for full root access, and CISA added a flaw to its KEV catalog. Eduard KovacsJune 18, 2025
Vulnerabilities Chrome 137 Update Patches High-Severity Vulnerabilities Google has released a Chrome 137 update to resolve two memory bugs in the browser’s V8 and Profiler components. Ionut ArghireJune 18, 2025
Vulnerabilities Zyxel Firewall Vulnerability Again in Attacker Crosshairs GreyNoise warns of a spike in exploitation attempts targeting a two-year-old vulnerability in Zyxel firewalls. Ionut ArghireJune 17, 2025
Vulnerabilities Organizations Warned of Vulnerability Exploited Against Discontinued TP-Link Routers CISA warns that a vulnerability impacting multiple discontinued TP-Link router models is exploited in the wild. Ionut ArghireJune 17, 2025
Malware & Threats Recent Langflow Vulnerability Exploited by Flodrix Botnet A critical Langflow vulnerability tracked as CVE-2025-3248 has been exploited to ensnare devices in the Flodrix botnet. Eduard KovacsJune 17, 2025
Malware & Threats SimpleHelp Vulnerability Exploited Against Utility Billing Software Users CISA warns that vulnerable SimpleHelp RMM instances have been exploited against a utility billing software provider’s customers. Ionut ArghireJune 13, 2025
Email Security Exploited Vulnerability Impacts Over 80,000 Roundcube Servers Exploitation of a critical-severity RCE vulnerability in Roundcube started only days after a patch was released. Ionut ArghireJune 10, 2025
Malware & Threats Mirai Botnets Exploiting Wazuh Security Platform Vulnerability CVE-2025-24016, a critical remote code execution vulnerability affecting Wazuh servers, has been exploited by Mirai botnets. Eduard KovacsJune 9, 2025
Vulnerabilities vBulletin Vulnerability Exploited in the Wild Exploitation of the vBulletin vulnerability tracked as CVE-2025-48827 and CVE-2025-48828 started shortly after disclosure. Eduard KovacsJune 2, 2025
Malware & Threats Companies Warned of Commvault Vulnerability Exploitation CISA warns companies of a widespread campaign targeting a Commvault vulnerability to hack Azure environments. Ionut ArghireMay 23, 2025
Malware & Threats Cityworks Zero-Day Exploited by Chinese Hackers in US Local Government Attacks A Chinese threat actor exploited a zero-day vulnerability in Trimble Cityworks to hack local government entities in the US. Ionut ArghireMay 23, 2025
Malware & Threats Chinese Spies Exploit Ivanti Vulnerabilities Against Critical Sectors A Chinese espionage group has been chaining two recent Ivanti EPMM vulnerabilities in attacks against organizations in multiple critical sectors. Ionut ArghireMay 23, 2025
Vulnerabilities Wiz Warns of Ongoing Exploitation of Recent Ivanti Vulnerabilities Wiz warns that threat actors are chaining two recent Ivanti vulnerabilities to achieve unauthenticated remote code execution. Ionut ArghireMay 21, 2025
Malware & Threats Ransomware Groups, Chinese APTs Exploit Recent SAP NetWeaver Flaws Two ransomware groups and several Chinese APTs have been exploiting two recent SAP NetWeaver vulnerabilities. Ionut ArghireMay 15, 2025
Vulnerabilities Chrome 136 Update Patches Vulnerability With ‘Exploit in the Wild’ Google has rolled out a Chrome 136 update that resolves a high-severity vulnerability for which a public exploit exists. Ionut ArghireMay 15, 2025
Vulnerabilities Fortinet Patches Zero-Day Exploited Against FortiVoice Appliances Fortinet has patched a dozen vulnerabilities, including a critical flaw exploited in the wild against FortiVoice instances. Ionut ArghireMay 14, 2025
Vulnerabilities Ivanti Patches Two EPMM Zero-Days Exploited to Hack Customers Ivanti has released patches for two EPMM vulnerabilities that have been chained in the wild for remote code execution. Ionut ArghireMay 14, 2025
Nation-State Output Messenger Zero-Day Exploited by Turkish Hackers for Iraq Spying A Turkey-affiliated espionage group has exploited a zero-day vulnerability in Output Messenger since April 2024. Ionut ArghireMay 13, 2025
Vulnerabilities SAP Zero-Day Targeted Since January, Many Sectors Impacted Hundreds of SAP NetWeaver instances hacked via a zero-day that allows remote code execution, not only arbitrary file uploads, as initially believed. Ionut ArghireMay 9, 2025