SecPod Labs

Security Research

In-depth CVE write-ups, vulnerability analysis, and security intelligence from the SecPod Research team.

WrtHug Abuse of ASUS WRT Vulnerabilities Exposes Thousands of EoL Routers

CVE Research

Operation WrtHug refers to a widespread compromise of end-of-life (EoL) ASUS routers, where attackers exploit previously disclosed vulnerabilities to gain control over large numbers of unsupported devices. The activity has impacted tens of thousands of systems, with most cases identified in Taiwan, ...

Nov 19, 2025 • 5 min read

CVE-2025-13223: The Chrome Vulnerability You Can’t Afford to Ignore

CVE Research

Heads up, Chrome users! An actively exploited zero-day vulnerability, CVE-2025-13223, has been identified in Google Chrome’s V8 JavaScript and WebAssembly engine. This vulnerability could allow attackers to execute arbitrary code or cause program crashes. Google has already released security updates...

Nov 19, 2025 • 3 min read

Zero-Day Vulnerability: How Dangerous Are They?

CVE Research

Zero-day vulnerabilities sit at the center of many high-profile cyberattacks. Security teams race to defend their environments, while attackers exploit these flaws before a patch exists. The result is a threat that often hits without warning and spreads faster than defenders can respond.

Nov 18, 2025 • 5 min read

Bugs Caught in the FortiWeb: Active Attacks Target FortiWeb Zero-Days

CVE Research

Fortinet has recently addressed two actively exploited zero-days in its FortiWeb web application firewall (WAF). These flaws, a command injection vulnerability (CVE-2025-58034) and a path traversal vulnerability (CVE-2025-64446), could allow attackers to execute unauthorized code and gain administra...

Nov 18, 2025 • 3 min read

FortiWeb at Risk: Unauthenticated Attackers Gaining Full WAF Control via Admin Creation

CVE Research

A critical authentication bypass vulnerability in Fortinet’s FortiWeb web application firewalls (WAF), identified as CVE-2025-64446 with a CVSS score of 9.8, is being actively and indiscriminately exploited in the wild. The flaw allows unauthenticated attackers to execute administrative commands and...

Nov 16, 2025 • 5 min read

RondoDox Botnet Expansion: Threat Actors Weaponize Critical XWiki Vulnerability

CVE Research

The discovery of widespread exploitation of a critical XWiki vulnerability CVE-2025-24893 reveals a severe threat to organizations running unpatched instances. Active threat activity shows that attackers—most notably the RondoDox botnet—are abusing this flaw to execute arbitrary code, compromise ser...

Nov 16, 2025 • 4 min read

Severe Dell Data Lakehouse Security Bug Enables Remote Privilege Escalation

CVE Research

A critical vulnerability, tracked as CVE-2025-46608, has been disclosed in the Dell Data Lakehouse platform, enabling remote attackers to escalate privileges within affected environments. Successful exploitation could allow adversaries to gain elevated access and compromise both data and system inte...

Nov 13, 2025 • 3 min read

Archive Terror: Dissecting the WinRAR CVE-2025-6218 Exploit & APT-C-08’s Stealth Move

CVE Research

A targeted cyber-espionage campaign attributed to the threat group APT-C-08 is actively exploiting a high severity directory traversal vulnerability, CVE-2025-6218, in older versions of WinRAR. The campaign focuses on government organizations in South Asia, using phishing emails with malicious RAR a...

Nov 13, 2025 • 5 min read

SAP Urges Immediate Updates as CVE-2025-42887 Enables Full System Compromise

CVE Research

A critical security vulnerability, tracked as CVE-2025-42887, has been identified in SAP systems, prompting an urgent need for organizations to apply the latest patches. With a near-maximum severity score of 9.9, the flaw poses a significant risk as it could allow attackers to gain full control over...

Nov 13, 2025 • 3 min read