More results...
The Likely Exploited Vulnerabilities (LEV) equations can help augment KEV- and EPSS-based remediation prioritization.
The post Vulnerability Exploitation Probability Metric Proposed by NIST, CISA Researchers appeared first on SecurityWeek.
Cybersecurity experts at OP Innovate have uncovered evidence that CVE-2025-31324, a critical zero-day vulnerability in SAP NetWeaver Visual Composer, was actively exploited nearly three weeks before its public disclosure. This flaw, residing in the /de…
A severe security flaw has been uncovered in the Motors WordPress theme, a popular choice for car dealerships and listings with over 22,000 sales on ThemeForest. Researcher Foxyyy reported a critical Privilege Escalation vulnerability through the Wordf…
A vulnerability in O2’s implementation of the IMS standard resulted in user location data being exposed in network responses.
The post O2 Service Vulnerability Exposed User Location appeared first on SecurityWeek.
Serviceaide data leak exposes sensitive health info of 500K Catholic Health patients due to misconfigured database; risk of ID theft and fraud.
DDoSecrets indexes 410GB of breached TeleMessage data, including messages and metadata, from hack tied to unsecured Signal clone used by US government officials.
A new report from Zimperium is alerting users about growing threats facing iOS devices, particularly those tied to…
Threat actors exploited a known vulnerability, CVE-2023-22527, a template injection flaw in Atlassian Confluence servers exposed to the internet. This exploit facilitated remote code execution (RCE), enabling attackers to gain initial access and establ…
Pwn2Own participants demonstrated exploits against VMs, AI, browsers, servers, containers, and operating systems.
The post Hackers Earn Over $1 Million at Pwn2Own Berlin 2025 appeared first on SecurityWeek.
ESET reports on RoundPress, a cyber espionage campaign by Russia’s Fancy Bear (Sednit) targeting Ukraine-related organizations via webmail…