exploited – Page 4 – MCYSEKA-Maritime Cyber Security Knowledge Archive

Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover

The critical vulnerability allows attackers to read arbitrary emails, including password reset messages.
The post Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover appeared first on SecurityWeek.

November 5, 2025

0 comment

CISA Warns of CWP Vulnerability Exploited in the Wild

A critical vulnerability in Control Web Panel (CWP), tracked as CVE-2025-48703, allows remote, unauthenticated command execution.
The post CISA Warns of CWP Vulnerability Exploited in the Wild appeared first on SecurityWeek.

November 5, 2025

0 comment

CISA Adds Exploited XWiki, VMware Flaws to KEV Catalog

Broadcom has updated its advisory on CVE-2025-41244 to mention the vulnerability’s in-the-wild exploitation.
The post CISA Adds Exploited XWiki, VMware Flaws to KEV Catalog appeared first on SecurityWeek.

October 31, 2025

0 comment

Chinese APT Exploits Unpatched Windows Flaw in Recent Attacks

The Windows shortcut vulnerability has been seen in attacks conducted by Mustang Panda to drop the PlugX malware.
The post Chinese APT Exploits Unpatched Windows Flaw in Recent Attacks appeared first on SecurityWeek.

October 31, 2025

0 comment

XWiki Vulnerability Exploited in Cryptocurrency Mining Operation

Exploits have been available publicly for over half a year, but the bug was previously targeted only for reconnaissance.
The post XWiki Vulnerability Exploited in Cryptocurrency Mining Operation appeared first on SecurityWeek.

October 29, 2025

0 comment

CISA Warns of Exploited DELMIA Factory Software Vulnerabilities

Two DELMIA Apriso flaws can be chained together to gain privileged access to the application and execute arbitrary code remotely.
The post CISA Warns of Exploited DELMIA Factory Software Vulnerabilities appeared first on SecurityWeek.

October 29, 2025

0 comment

Year-Old WordPress Plugin Flaws Exploited to Hack Websites

Roughly 9 million exploit attempts were observed this month as mass exploitation of the critical vulnerabilities recommenced.
The post Year-Old WordPress Plugin Flaws Exploited to Hack Websites appeared first on SecurityWeek.

October 27, 2025

0 comment

Chrome Zero-Day Exploitation Linked to Hacking Team Spyware

The threat actor behind Operation ForumTroll used the same toolset typically employed in Dante spyware attacks.
The post Chrome Zero-Day Exploitation Linked to Hacking Team Spyware appeared first on SecurityWeek.

October 27, 2025

0 comment

Critical Windows Server WSUS Vulnerability Exploited in the Wild

CVE-2025-59287 allows a remote, unauthenticated attacker to execute arbitrary code and a PoC exploit is available.
The post Critical Windows Server WSUS Vulnerability Exploited in the Wild appeared first on SecurityWeek.

October 24, 2025

0 comment

Exploitation of Critical Adobe Commerce Flaw Puts Many eCommerce Sites at Risk

Patched in September, the SessionReaper bug could be exploited without authentication to bypass a security feature.
The post Exploitation of Critical Adobe Commerce Flaw Puts Many eCommerce Sites at Risk appeared first on SecurityWeek.

October 23, 2025

0 comment

1 2 3 4 5 6 … 23

M	T	W	T	F	S	S
			1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29	30	31

M	T	W	T	F	S	S
			1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29	30	31