More results...
Threat actors are actively exploiting a recently fixed remote code execution vulnerability (CVE-2025-47812) in Wing FTP Server, security researchers have warned. Wing FTP Server and CVE-2025-47812 Wing FTP Server is a commercial file transfer server so…
Security researchers have discovered two critical vulnerabilities in RapidFire Tools Network Detective, a widely-used network assessment and reporting tool developed by Kaseya, that expose sensitive credentials to potential attackers. The flaws, disclo…
Security researchers at Huntress have confirmed active exploitation of a critical remote code execution vulnerability in Wing FTP Server, designated CVE-2025-47812, with the first observed attack occurring just one day after the vulnerability’s p…
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding active exploitation of a newly discovered vulnerability in Citrix NetScaler ADC and Gateway systems, with organizations facing an immediate deadline to im…
Two vulnerabilities in an internal API allowed unauthorized access to contacts and chats, exposing the information of 64 million McDonald’s applicants.
The post McDonald’s Chatbot Recruitment Platform Leaked 64 Million Job Applications appeared f…
Wing FTP Server vulnerability CVE-2025-47812 can be exploited for arbitrary command execution with root or system privileges.
The post Critical Wing FTP Server Vulnerability Exploited appeared first on SecurityWeek.
A critical vulnerability has been identified in the GSMA TS.48 Generic Test Profile versions 6.0 and earlier, which are widely used across the eSIM industry for radio compliance testing. This flaw enables attackers with physical access to an embedded U…
A critical arbitrary file deletion vulnerability has been discovered in the SureForms WordPress plugin, affecting over 200,000 active installations and potentially enabling unauthenticated attackers to achieve full site takeover. The flaw, tracked as C…
Security researchers have discovered a critical stack-based buffer overflow vulnerability in D-Link DIR-825 Rev.B 2.10 routers that allows remote attackers to crash servers without requiring authentication. The vulnerability, designated as CVE-2025-720…
A critical vulnerability in Juniper Networks’ Junos OS and Junos OS Evolved has been disclosed that permits unauthenticated adjacent attackers to trigger a sustained denial of service by sending specially crafted BGP UPDATE packets. The issue, tracked …