More results...
Edimax is aware that CVE-2025-1316 has been exploited in the wild, but the impacted devices were discontinued over a decade ago.
The post Edimax Says No Patches Coming for Zero-Day Exploited by Botnets appeared first on SecurityWeek.
CISA has added three critical-severity flaws in Ivanti EPM to its Known Exploited Vulnerabilities catalog.
The post CISA Warns of Ivanti EPM Vulnerability Exploitation appeared first on SecurityWeek.
GreyNoise warns of mass exploitation of a critical vulnerability in PHP leading to remote code execution on vulnerable servers.
The post Mass Exploitation of Critical PHP Vulnerability Begins appeared first on SecurityWeek.
Multiple Mirai-based botnets are exploiting CVE-2025-1316, an Edimax IP camera vulnerability that allows remote command execution.
The post Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets appeared first on SecurityWeek.
Scans show that tens of thousands of VMware ESXi instances are affected by CVE-2025-22224 and other vulnerabilities disclosed recently as zero-days.
The post Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks appeared first on Se…
Broadcom patched VMware zero-days CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226 after Microsoft warned it of exploitation.
The post Broadcom Patches 3 VMware Zero-Days Exploited in the Wild appeared first on SecurityWeek.
Android’s March 2025 security update addresses over 40 vulnerabilities, including two actively exploited in the wild.
The post Google Patches Pair of Exploited Vulnerabilities in Android appeared first on SecurityWeek.
Exploitation has been known for months or years for most of the latest vulnerabilities added by CISA to its KEV catalog.
The post Exploitation Long Known for Most of CISA’s Latest KEV Additions appeared first on SecurityWeek.
XSS vulnerability allowed a threat actor to redirect users to arbitrary domains.
The post Sites of Major Orgs Abused in Spam Campaign Exploiting Virtual Tour Software Flaw appeared first on SecurityWeek.
CISA has added CVE-2024-20953, an Oracle Agile PLM vulnerability patched in January 2024, to its KEV catalog.
The post CISA Warns of Attacks Exploiting Oracle Agile PLM Vulnerability appeared first on SecurityWeek.