QNAP NetBak Exposed: Critical ASP.NET Core Bug Enables Security Bypass
A critical security vulnerability has been identified in QNAP's NetBak PC Agent software, stemming from a flaw in Microsoft ASP.NET…
0 Comments
October 29, 2025
Patch Now! Apache Tomcat Vulnerabilities Expose Servers to RCE Risk
The Apache Software Foundation recently addressed two security vulnerabilities affecting multiple versions of Apache Tomcat, a widely-used open-source Java servlet…
October 29, 2025
Critical XWiki Vulnerability Abused in the Wild for Cryptocurrency Mining
A critical remote code execution (RCE) vulnerability (CVE-2025-24893) in XWiki, a widely-used open-source wiki platform, is being actively exploited in…
October 29, 2025
Critical RCE Flaw Hits Motex LANSCOPE, CISA Issues Warning
The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-61932, a critical security flaw in Motex LANSCOPE Endpoint Manager, to its…
Comments Off on Critical RCE Flaw Hits Motex LANSCOPE, CISA Issues Warning
October 28, 2025
Triple Threat: Dell Storage Manager Flaws Put Systems at Risk
On October 24, 2025, Dell Technologies addressed three critical vulnerabilities in its Storage Manager software. These vulnerabilities could allow an…
Comments Off on Triple Threat: Dell Storage Manager Flaws Put Systems at Risk
October 28, 2025
ProxyCommand Panic: CVE-2025-61984 Lets Attackers Hijack SSH Clients
A newly discovered vulnerability in OpenSSH's ProxyCommand feature, identified as CVE-2025-61984, allows remote attackers to execute arbitrary code on client systems.…
Comments Off on ProxyCommand Panic: CVE-2025-61984 Lets Attackers Hijack SSH Clients
October 23, 2025
ToolShell Unlocked: Chinese-Aligned Hackers Weaponize SharePoint Zero-Day for Global Espionage
Executive Summary A critical vulnerability in Microsoft-SharePoint-Server (tracked as CVE-2025-53770 and part of the “ToolShell” chain) has been actively exploited…
Comments Off on ToolShell Unlocked: Chinese-Aligned Hackers Weaponize SharePoint Zero-Day for Global Espionage
October 23, 2025
Act Fast! SMB Vulnerability Lets Attackers Gain SYSTEM-Level Access
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding a high-severity privilege escalation vulnerability in Windows Server…
Comments Off on Act Fast! SMB Vulnerability Lets Attackers Gain SYSTEM-Level Access
October 21, 2025
Adobe AEM’s Debug Doorway: Critical RCE Under Active Exploitation
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw affecting Adobe Experience Manager (AEM) to its…
Comments Off on Adobe AEM’s Debug Doorway: Critical RCE Under Active Exploitation
October 21, 2025
RondoDox Rampage: A Multivendor “Exploit-Shotgun” Botnet
Executive Summary RondoDox is an emerging, multivector botnet that has been observed weaponizing 56 distinct vulnerabilities across 30+ device and…
Comments Off on RondoDox Rampage: A Multivendor “Exploit-Shotgun” Botnet
October 16, 2025