More results...
More than 5,000 Ivanti Connect Secure appliances are vulnerable to attacks exploiting CVE-2025-22457, which has been used by Chinese hackers.
The post Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk appeared first on SecurityWeek.
Android’s latest security update resolves two exploited Kernel vulnerabilities, as well as critical-severity bugs.
The post Android Update Patches Two Exploited Vulnerabilities appeared first on SecurityWeek.
Huntress has shared details on the post-exploitation activities of threat actors targeting the recent CrushFTP vulnerability.
The post Threat Actors Setting Up Persistent Access to Hosts Hacked in CrushFTP Attacks appeared first on SecurityWeek.
Two CVEs now exist for an actively exploited CrushFTP vulnerability and much of the security industry is using the ‘wrong one’.
The post Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability appeared first on SecurityWeek.
DrayTek has shared some clarifications regarding the recent attacks causing router reboots, but some questions remain unanswered.
The post Questions Remain Over Attacks Causing DrayTek Router Reboots appeared first on SecurityWeek.
Shadowserver has started seeing exploitation attempts aimed at a CrushFTP vulnerability tracked as CVE-2025-2825 and CVE-2025-31161.
The post CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability appeared first on SecurityWeek.
Apple has released a hefty round of security updates for its desktop and mobile products, patching two recent zero-days in older iPhone models.
The post Apple Patches Recent Zero-Days in Older iPhones appeared first on SecurityWeek.
Firefox developers have determined that their browser is affected by a vulnerability similar to the recent Chrome sandbox escape zero-day.
The post Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia appeared first on SecurityWeek.
Threat actors have started probing servers impacted by a critical-severity vulnerability in the web application development framework Next.js.
The post Critical Next.js Vulnerability in Hacker Crosshairs appeared first on SecurityWeek.
DrayTek routers around the world are rebooting and the vendor’s statement suggests that it may involve the exploitation of a vulnerability.
The post Vulnerability Exploitation Possibly Behind Widespread DrayTek Router Reboots appeared first on Security…