LakshmananVulnerability

HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution

AndyC 19 December 2025

Dec 18, 2025Ravie LakshmananVulnerability / Enterprise Security Hewlett Packard Enterprise (HPE) has resolved a maximum-severity security flaw in OneView Software...

CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation

AndyC 18 December 2025

Dec 18, 2025Ravie LakshmananVulnerability / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical...

Cisco Warns of Active Attacks Exploiting Unpatched 0-Day in AsyncOS Email Security Appliances

AndyC 18 December 2025

Dec 18, 2025Ravie LakshmananVulnerability / Network Security Cisco has alerted users to a maximum-severity zero-day flaw in Cisco AsyncOS software...

SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances

AndyC 18 December 2025

Dec 17, 2025Ravie LakshmananVulnerability / Network Security SonicWall has rolled out fixes to address a security flaw in Secure Mobile...

New ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary Emails

AndyC 18 December 2025

Dec 17, 2025Ravie LakshmananVulnerability / Malware The threat actor linked to Operation ForumTroll has been attributed to a fresh set...

FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE

AndyC 16 December 2025

Dec 15, 2025Ravie LakshmananVulnerability / Software Security Multiple security vulnerabilities have been disclosed in the open-source private branch exchange (PBX)...

Warning: WinRAR Vulnerability CVE-2025-6218 Under Active Attack by Multiple Threat Groups

AndyC 11 December 2025

Dec 10, 2025Ravie LakshmananVulnerability / Malware The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a security flaw...

Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws

AndyC 10 December 2025

Dec 10, 2025Ravie LakshmananVulnerability / Endpoint Security Fortinet, Ivanti, and SAP have moved to address critical security flaws in their...

Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation

AndyC 7 December 2025

Dec 06, 2025Ravie LakshmananVulnerability / Patch Management The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday formally added a...

Chinese Hackers Have Started Exploiting the Newly Disclosed React2Shell Vulnerability

AndyC 6 December 2025

Dec 05, 2025Ravie LakshmananVulnerability / Software Security Two hacking groups with ties to China have been observed weaponizing the newly...

JPCERT Confirms Active Command Injection Attacks on Array AG Gateways

AndyC 5 December 2025

Dec 05, 2025Ravie LakshmananVulnerability / Network Security A command injection vulnerability in Array Networks AG Series secure access gateways has...

Critical RSC Bugs in React and Next.js Allow Unauthenticated Remote Code Execution

AndyC 4 December 2025

Dec 03, 2025Ravie LakshmananVulnerability / Cloud Security A maximum-severity security flaw has been disclosed in React Server Components (RSC) that,...

New Fluent Bit Flaws Expose Cloud to RCE and Stealthy Infrastructure Intrusions

AndyC 25 November 2025

Nov 24, 2025Ravie LakshmananVulnerability / Container Security Cybersecurity researchers have discovered five vulnerabilities in Fluent Bit, an open-source and lightweight...

Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation

AndyC 22 November 2025

Nov 21, 2025Ravie LakshmananVulnerability / Threat Mitigation Grafana has released security updates to address a maximum severity security flaw that...

ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet

AndyC 21 November 2025

Nov 20, 2025Ravie LakshmananVulnerability / Cloud Computing Oligo Security has warned of ongoing attacks exploiting a two-year-old security flaw in...

LakshmananVulnerability

HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution

CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation

Cisco Warns of Active Attacks Exploiting Unpatched 0-Day in AsyncOS Email Security Appliances

SonicWall Fixes Actively Exploited CVE-2025-40602 in SMA 100 Appliances

New ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary Emails

FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE

Warning: WinRAR Vulnerability CVE-2025-6218 Under Active Attack by Multiple Threat Groups

Fortinet, Ivanti, and SAP Issue Urgent Patches for Authentication and Code Execution Flaws

Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation

Chinese Hackers Have Started Exploiting the Newly Disclosed React2Shell Vulnerability

JPCERT Confirms Active Command Injection Attacks on Array AG Gateways

New Fluent Bit Flaws Expose Cloud to RCE and Stealthy Infrastructure Intrusions

Grafana Patches CVSS 10.0 SCIM Flaw Enabling Impersonation and Privilege Escalation

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

ESET Threat Report H2 2025

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Black Hat Europe 2025: Was that device designed to be on the internet at all?

Donate Bitcoin to this address

Donate Ethereum to this address

Chinese Hackers Exploited a Zero-Day in Cisco Email Security Systems

Risk Management in Banking: Leveraging AI and Advanced Analytics

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw

RegScale Open Sources OSCAL Hub to Further Compliance-as-Code Adoption

Donate Bitcoin to this address

Donate Ethereum to this address

You may have missed