cyber security
Cityworks Zero-Day Vulnerability Used by UAT-638 Hackers to Infect IIS Servers with Shell Malware
Cisco Talos has uncovered active exploitation of a zero-day remote-code-execution vulnerability, identified as CVE-2025-0994, in Cityworks, a widely used asset management system.
This critical flaw has been leveraged by a...
ChatGPT
Linux Kernel Zero-Day SMB Vulnerability Discovered via ChatGPT
Security researcher has discovered a zero-day vulnerability (CVE-2025-37899) in the Linux kernel's SMB server implementation using OpenAI's o3 language model.
The vulnerability, a use-after-free...
cyber security
Versa Concerto 0-Day Flaw Enables Remote Code Execution by Bypassing Authentication
Security researchers have uncovered multiple critical vulnerabilities in Versa Concerto, a widely deployed network security and SD-WAN orchestration platform used by large enterprises, service...
cyber security
Grafana Zero-Day Vulnerability Allows Attackers to Redirect Users to Malicious Sites
The High-severity cross-site scripting (XSS) vulnerability has been discovered in Grafana, prompting the immediate release of security patches across all supported versions.
The vulnerability (CVE-2025-4123)...
Cyber Attack
Ivanti EPMM 0-Day RCE Vulnerability Under Active Attack
Critical vulnerability chain in Ivanti’s Endpoint Manager Mobile (EPMM) has been actively exploited.
The vulnerabilities, initially disclosed by Ivanti on March 13th, 2025, combine an...
cyber security
Qilin Exploits SAP Zero-Day Vulnerability Weeks Ahead of Public Disclosure
Cybersecurity experts at OP Innovate have uncovered evidence that CVE-2025-31324, a critical zero-day vulnerability in SAP NetWeaver Visual Composer, was actively exploited nearly three...
cyber security
CISA Adds Actively Exploited Ivanti EPMM Zero-Day to KEV Catalog
Cybersecurity and Infrastructure Security Agency (CISA) has added two critical zero-day vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM) to its Known Exploited Vulnerabilities (KEV)...
cyber security
Active Exploitation of Ivanti EPMM Zero-Day Vulnerability in the Wild
Security researchers at The Shadowserver Foundation have identified active exploitation attempts targeting a critical zero-day vulnerability in Ivanti's Enterprise Mobility Management (EPMM) platform.
The...
cyber security
Critical Firefox 0-Day Flaws Allow Remote Code Execution
Mozilla has urgently patched two critical 0-day vulnerabilities in its popular web browser Firefox, both of which could allow remote attackers to execute malicious...
cyber security
Pwn2Own Day 3: Zero-Day Exploits Windows 11, VMware ESXi, and Firefox
The Pwn2Own Berlin 2025 last day ended with impressive technological accomplishments, bringing the total prize money over one million dollars.
Security researchers demonstrated sophisticated exploitation...
cyber security
VMware ESXi, Firefox, Red Hat Linux & SharePoint Hacked – Pwn2Own Day 2
Security researchers demonstrated their prowess on the second day of Pwn2Own Berlin 2025, discovering critical vulnerabilities across major enterprise platforms and earning $435,000 in...