#zero-day-exploitation

[ follow ]
#oracle-e-business-suite #cve-2025-61882 #cl0p #fortiweb #cve-2025-58034 #os-command-injection #cisa
Information security
fromTheregister
1 week ago

Fortinet confirms second 0-day in just four days

FortiWeb OS command injection zero-day CVE-2025-58034 is exploited in the wild; Fortinet released a patch—update FortiWeb devices immediately.
Information security
fromTheregister
2 weeks ago

Amazon: Cisco, Citrix 0-days indicate 'advanced' attacker

An advanced attacker used CitrixBleed 2 and an undocumented, max-severity Cisco ISE vulnerability as zero-days to deploy custom malware and achieve remote root code execution.
Information security
fromTechzine Global
2 weeks ago

Citrix and Cisco attacks discovered via Amazon honeypot

AWS's MadPot honeypot detected active exploitation of zero-days against Citrix NetScaler and Cisco ISE, revealing attackers exploiting CVE-2025-5777 and a Cisco zero-day.
Information security
fromTechzine Global
2 weeks ago

Cisco firewalls under attack: patching required

Cisco firewall products face ongoing exploitation causing device reboots and network outages; urgent updating to the latest patched software is required to prevent service disruption.
#oracle-e-business-suite
more#oracle-e-business-suite
Information security
fromSecurityWeek
2 months ago

Recent Fortra GoAnywhere MFT Vulnerability Exploited as Zero-Day

A critical deserialization vulnerability in Fortra GoAnywhere MFT (CVE-2025-10035) was exploited in the wild at least eight days before patches were released.
Information security
fromTheregister
2 months ago

CISA: Attacker exploited Ivanti bugs, dropped snoopy malware

Two zero-day Ivanti EPMM vulnerabilities (CVE-2025-4427, CVE-2025-4428) were chained to deploy malware and enable arbitrary code execution on compromised servers.
Information security
fromTheregister
2 months ago

Google pushes emergency patch for Chrome 0-day

Update Chrome immediately to patch CVE-2025-10585, a V8 type-confusion vulnerability actively exploited to enable crashes, arbitrary code execution, and potential system compromise.
Information security
fromIT Pro
2 months ago

Enterprises need to patch these Citrix flaws now

Critical memory-overflow and access-control vulnerabilities in Citrix NetScaler ADC/Gateway allow remote code execution, denial-of-service, and are being actively exploited.
Information security
fromThe Hacker News
3 months ago

Chinese Hackers Murky, Genesis, and Glacial Panda Escalate Cloud and Telecom Espionage

Murky Panda exploits trusted cloud relationships, internet-facing appliances, and supply-chain weaknesses to gain access and deploy a Golang RAT called CloudedHope.
[ Load more ]