Vulnerabilities: Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day
CVE-2025-61757 is an unauthenticated remote code execution vulnerability affecting Oracle Identity Manager.
Eduard Kovacs, November 21, 2025

Vulnerabilities: Recent 7-Zip Vulnerability Exploited in Attacks
A proof-of-concept (PoC) exploit targeting the high-severity remote code execution (RCE) bug exists.
Ionut Arghire, November 20, 2025

Artificial Intelligence: Two-Year-Old Ray AI Framework Flaw Exploited in Ongoing Campaign
Threat actors are abusing Ray’s lack of authentication to compromise exposed clusters and deploy LLM-generated payloads and cryptocurrency miners.
Ionut Arghire, November 19, 2025

Vulnerabilities: Fortinet Discloses Second Exploited FortiWeb Zero-Day in a Week
An OS command injection flaw, the exploited zero-day allows attackers to execute arbitrary code on the underlying system.
Ionut Arghire, November 19, 2025

Vulnerabilities: Chrome 142 Update Patches Exploited Zero-Day
The flaw was reported by Google's Threat Analysis Group and was likely exploited by a commercial spyware vendor.
Ionut Arghire, November 18, 2025

Vulnerabilities: Widespread Exploitation of XWiki Vulnerability Observed
The exploitation of the recent XWiki vulnerability has expanded to botnets, cryptocurrency miners, scanners, and custom tools.
Ionut Arghire, November 17, 2025

Government: CISA Updates Guidance on Patching Cisco Devices Targeted in China-Linked Attacks
Federal agencies have reported as ‘patched’ ASA or FTD devices running software versions vulnerable to attacks.
Ionut Arghire, November 13, 2025

Vulnerabilities: Critical WatchGuard Firebox Vulnerability Exploited in Attacks
Tracked as CVE-2025-9242 (CVSS score of 9.3), the flaw leads to unauthenticated, remote code execution on vulnerable firewalls.
Ionut Arghire, November 13, 2025

Vulnerabilities: Cisco ISE, CitrixBleed 2 Vulnerabilities Exploited as Zero-Days: Amazon
Amazon has seen a threat actor exploiting CVE-2025-20337 and CVE-2025-5777, two critical Cisco and Citrix vulnerabilities, as zero-days.
Ionut Arghire, November 13, 2025

Vulnerabilities: Microsoft Patches Actively Exploited Windows Kernel Zero-Day
Microsoft’s latest Patch Tuesday updates address more than 60 vulnerabilities in Windows and other products.
Eduard Kovacs, November 11, 2025

Vulnerabilities: Critical Triofox Vulnerability Exploited in the Wild
A threat actor has exploited the issue to create a new administrator account and then used the account to execute remote access tools.
Ionut Arghire, November 11, 2025

Malware & Threats: Landfall Android Spyware Targeted Samsung Phones via Zero-Day
Threat actors exploited CVE-2025-21042 to deliver malware via specially crafted images to users in the Middle East.
Eduard Kovacs, November 7, 2025

Vulnerabilities: Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover
The critical vulnerability allows attackers to read arbitrary emails, including password reset messages.
Ionut Arghire, November 5, 2025

Vulnerabilities: CISA Warns of CWP Vulnerability Exploited in the Wild
A critical vulnerability in Control Web Panel (CWP), tracked as CVE-2025-48703, allows remote, unauthenticated command execution.
Eduard Kovacs, November 5, 2025

Vulnerabilities: CISA Adds Exploited XWiki, VMware Flaws to KEV Catalog
Broadcom has updated its advisory on CVE-2025-41244 to mention the vulnerability’s in-the-wild exploitation.
Ionut Arghire, October 31, 2025

Malware & Threats: Chinese APT Exploits Unpatched Windows Flaw in Recent Attacks
The Windows shortcut vulnerability has been seen in attacks conducted by Mustang Panda to drop the PlugX malware.
Ionut Arghire, October 31, 2025

Malware & Threats: XWiki Vulnerability Exploited in Cryptocurrency Mining Operation
Exploits have been available publicly for over half a year, but the bug was previously targeted only for reconnaissance.
Ionut Arghire, October 29, 2025

ICS/OT: CISA Warns of Exploited DELMIA Factory Software Vulnerabilities
Two DELMIA Apriso flaws can be chained together to gain privileged access to the application and execute arbitrary code remotely.
Ionut Arghire, October 29, 2025

Vulnerabilities: Year-Old WordPress Plugin Flaws Exploited to Hack Websites
Roughly 9 million exploit attempts were observed this month as mass exploitation of the critical vulnerabilities recommenced.
Ionut Arghire, October 27, 2025

Vulnerabilities: Chrome Zero-Day Exploitation Linked to Hacking Team Spyware
The threat actor behind Operation ForumTroll used the same toolset typically employed in Dante spyware attacks.
Ionut Arghire, October 27, 2025