actively

  • Blog
    digitpatrox5 hours ago
    6

    CISA tags recently patched Chrome bug as actively exploited

    On Thursday, CISA warned U.S. federal agencies to secure their systems against ongoing attacks exploiting a high-severity vulnerability in the Chrome web browser. Solidlab security researcher Vsevolod Kokorin discovered the flaw (CVE-2025-4664) and shared technical details online on May 5th. Google released security updates to patch it on Wednesday. As Kokorin explained, the vulnerability is due to insufficient policy enforcement in Google Chrome’s…

    Read More »
  • Blog
    digitpatrox3 weeks ago
    32

    Over 1,200 SAP NetWeaver servers vulnerable to actively exploited flaw

    Over 1,200 internet-exposed SAP NetWeaver instances are vulnerable to an actively exploited maximum severity unauthenticated file upload vulnerability that allows attackers to hijack servers. SAP NetWeaver is an application server and development platform that runs and connects SAP and non-SAP applications across different technologies. Last week, SAP disclosed an unauthenticated file upload vulnerability, tracked as CVE-2025-31324, in SAP NetWeaver Visual Composer,…

    Read More »
  • Blog
    digitpatroxMarch 20, 2025
    65

    CISA tags NAKIVO backup flaw as actively exploited in attacks

    CISA has warned U.S. federal agencies to secure their networks against attacks exploiting a high-severity vulnerability in NAKIVO’s Backup & Replication software. Tracked as CVE-2024-48248, this absolute path traversal flaw can be exploited by unauthenticated attackers to read arbitrary files on vulnerable devices. The US-based backup and ransomware recovery software vendor silently patched the security flaw with the release of…

    Read More »
  • Blog
    digitpatroxMarch 17, 2025
    80

    Critical RCE flaw in Apache Tomcat actively exploited in attacks

    A critical remote code execution (RCE) vulnerability in Apache Tomcat tracked as CVE-2025-24813 is actively exploited in the wild, enabling attackers to take over servers with a simple PUT request. Hackers are reportedly leveraging proof-of-concept (PoC) exploits that were published on GitHub just 30 hours after the flaw was disclosed last week. The malicious activity was confirmed by Wallarm security…

    Read More »
  • Blog
    digitpatroxMarch 8, 2025
    72

    Unpatched Edimax IP camera flaw actively exploited in botnet attacks

    A critical command injection vulnerability impacting the Edimax IC-7100 IP camera is currently being exploited by botnet malware to compromise devices. The flaw was discovered by Akamai researchers, who confirmed to BleepingComputer that the flaw is exploited in attacks that are still ongoing. Akamai researcher Kyle Lefton told BleepingComputer that they will provide more technical details about the flaw and…

    Read More »
  • Blog
    digitpatroxMarch 3, 2025
    78

    CISA tags Windows, Cisco vulnerabilities as actively exploited

    CISA has warned US federal agencies to secure their systems against attacks exploiting vulnerabilities in Cisco and Windows systems. While the cybersecurity agency has tagged these flaws as actively exploited in the wild, it has yet to provide specific details regarding this malicious activity and who is behind it. The first flaw (tracked as CVE-2023-20118) enables attackers to execute arbitrary…

    Read More »
  • Blog
    digitpatroxFebruary 13, 2025
    84

    Patch Tuesday: Microsoft Patches Two Actively Exploited Zero-Day Flaws

    The monthly report is relatively lightweight, with some mobile updates or fixes that have already been performed server-side and shouldn’t be a concern to admins, said Tyler Reguly, associate director of security R&D at global cybersecurity software and services provider Fortra. Another vulnerability impacts only Microsoft Surface hardware. February update patches two exploited vulnerabilities The two exploited vulnerabilities are: CVE-2025-21391,…

    Read More »
  • Blog
    digitpatroxJanuary 27, 2025
    101

    Apple fixes this year’s first actively exploited zero-day bug

    ​Apple has released security updates to fix this year’s first zero-day vulnerability, tagged as actively exploited in attacks targeting iPhone users. The zero-day fixed today is tracked as CVE-2025-24085 [iOS/iPadOS, macOS, tvOS, watchOS, visionOS] and is a privilege escalation security flaw in Apple’s Core Media framework. “A malicious application may be able to elevate privileges. Apple is aware of a…

    Read More »
  • Blog
    digitpatroxDecember 12, 2024
    150

    Microsoft Patches One Actively Exploited Vulnerability, Among Others

    December brought a relatively mild Patch Tuesday, with one vulnerability having been actively exploited. Of all 70 vulnerabilities fixed, 16 were classified as critical. “This year, cybersecurity professionals must be on Santa’s nice list, or, at the very least, Microsoft’s,” Tyler Reguly, associate director of security R&D at cybersecurity software and services company Fortra, told TechRepublic in an email. Microsoft…

    Read More »
  • Blog
    digitpatroxSeptember 12, 2024
    305

    Is a VMware exodus looming? Disgruntled customers are actively seeking alternative providers or exploring open source options in the wake of Broadcom’s acquisition

    VMware customers are becoming increasingly frustrated with uncertainty and spiraling licensing costs, new research suggests, after its acquisition by IT giant Broadcom. Research from Civo found more than half (51.9%) of VMware customers were considering ditching services after Broadcom finalized its acquisition of the cloud computing and virtualization firm. After a series of drastic changes to its operating model including…

    Read More »
Load More
Back to top button
close