More results...
F5 Networks has disclosed a new HTTP/2 vulnerability affecting multiple BIG-IP products that could allow attackers to launch denial-of-service attacks against enterprise networks. The vulnerability, designated CVE-2025-54500 and published on August 13,…
Security researchers have uncovered a sophisticated new phishing campaign that exploits the Japanese hiragana character “ん” to create deceptively authentic-looking URLs that can fool even vigilant internet users. The attack, first identifie…
A newly disclosed vulnerability in Palo Alto Networks’ GlobalProtect application could allow attackers to escalate privileges and install malicious software on affected systems through improper certificate validation. The security flaw, tracked a…
Cisco has released over 20 advisories as part of its August 2025 bundled publication for ASA, FMC and FTD products.
The post Cisco Patches Critical Vulnerability in Firewall Management Platform appeared first on SecurityWeek.
A critical vulnerability discovered in Cisco’s Secure Firewall Threat Defense Software has been identified as CVE-2025-20217, posing significant risks to network security infrastructure worldwide. The vulnerability, affecting the Snort 3 Detectio…
Security researchers have disclosed a critical vulnerability in the HTTP/2 protocol that could enable massive distributed denial-of-service (DDoS) attacks, potentially affecting millions of web servers worldwide. The flaw, dubbed “MadeYouReset…
Cisco has disclosed a critical security vulnerability in its Secure Firewall Management Center software that could allow unauthenticated attackers to remotely execute shell commands with elevated privileges. The flaw, tracked as CVE-2025-20265, carries…
The Canadian House of Commons has fallen victim to a significant cyberattack orchestrated by an unidentified “threat actor” who successfully exploited a recent Microsoft vulnerability to access sensitive government employee data. The incide…
Path traversal and XXE injection flaws allowing unauthenticated remote code execution have been patched in Xerox FreeFlow Core.
The post Vulnerabilities in Xerox Print Orchestration Product Allow Remote Code Execution appeared first on SecurityWeek.
The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with eight other national cyber agencies, has released a comprehensive “Foundations for OT Cybersecurity: Asset Inventory Guidance for Owners and Operators.” Published on Augus…