More results...
Reported by Meta and WhatsApp, the vulnerability leads to remote code execution and was likely exploited by a spyware vendor.
The post Samsung Patches Zero-Day Exploited Against Android Users appeared first on SecurityWeek.
A deserialization of untrusted data in the MOM software allows attackers to achieve remote code execution.
The post DELMIA Factory Software Vulnerability Exploited in Attacks appeared first on SecurityWeek.
The Akira ransomware group is likely exploiting a combination of three attack vectors to gain unauthorized access to vulnerable appliances.
The post Akira Ransomware Attacks Fuel Uptick in Exploitation of SonicWall Flaw appeared first on SecurityWeek.
A critical SAP S/4HANA code injection flaw tracked as CVE-2025-42957 and allowing full system takeover has been exploited in the wild.
The post Recent SAP S/4HANA Vulnerability Exploited in Attacks appeared first on SecurityWeek.
Google has observed ViewState deserialization attacks leveraging a sample machine key exposed in older deployment guides.
The post Hackers Exploit Sitecore Zero-Day for Malware Delivery appeared first on SecurityWeek.
Elevation of privilege flaws in Android Runtime (CVE-2025-48543) and Linux kernel (CVE-2025-38352) have been exploited in targeted attacks.
The post Two Exploited Vulnerabilities Patched in Android appeared first on SecurityWeek.
CISA urges federal agencies to immediately patch an exploited arbitrary file write vulnerability in Git that leads to remote code execution.
The post Organizations Warned of Exploited Git Vulnerability appeared first on SecurityWeek.
Russian state-sponsored hackers tracked as Static Tundra continue to target Cisco devices affected by CVE-2018-0171.
The post Russian APT Exploiting 7-Year-Old Cisco Vulnerability: FBI appeared first on SecurityWeek.
A new public exploit chains two critical flaws in SAP NetWeaver, exposing unpatched instances to code execution attacks.
The post New Exploit Poses Threat to SAP NetWeaver Instances appeared first on SecurityWeek.
More than 870 N-able N-central instances have not been patched against CVE-2025-8875 and CVE-2025-8876, two exploited vulnerabilities.
The post Hundreds of N-able N-central Instances Affected by Exploited Vulnerabilities appeared first on SecurityWeek.