
  • A newly discovered Python-based backdoor called AnubisBackdoor is enabling threat actors to execute remote commands on compromised systems while completely evading detection by most antivirus solutions. Developed by the notorious threat group Savage Ladybug (also known as FIN7), this malware combines simplicity with effectiveness through mild obfuscation techniques, allowing attackers to maintain persistent access to…


  • A critical security flaw in Apache Camel’s header validation mechanism allows attackers to execute arbitrary system commands by exploiting case-sensitive header injection. A PoC has been released for CVE-2025-27636; this vulnerability impacts Apache Camel versions 4.10.0-4.10.1, 4.8.0-4.8.4, and 3.10.0-3.22.3, exposing systems using vulnerable Exec component configurations to remote code execution (RCE). Apache Camel Vulnerability The vulnerability stems…


  • A critical vulnerability in SolarWinds’ Web Help Desk software (CVE-2024-28989) allowed attackers to decrypt sensitive credentials, including database passwords and LDAP/SMTP authentication secrets, through cryptographic weaknesses in its AES-GCM implementation.  Patched in version 12.8.5, the flaw stemmed from predictable encryption keys and nonce reuse, enabling practical decryption of stored secrets even without direct system access.…


  • A critical security vulnerability (CVE-2024-56325) in Apache Pinot, the open-source distributed OLAP datastore used by LinkedIn, Uber, and Microsoft for real-time analytics, allows unauthenticated attackers to bypass authentication controls and gain full system access.  Rated 9.8 on the CVSS v3 scale – the maximum severity score – this flaw exposes organizations to data exfiltration, privilege…


  • Jenkins, the widely adopted open-source automation server central to CI/CD pipelines, has disclosed four critical security vulnerabilities enabling unauthorized secret disclosure, cross-site request forgery (CSRF), and open redirect attacks.  These flaws, patched in versions 2.500 (weekly) and 2.492.2 (LTS), affect earlier releases, including Jenkins 2.499 and LTS 2.492.1. Potential impacts range from credential theft to…


  • Security researchers have uncovered a critical vulnerability in AMD Zen CPUs that allows attackers with elevated privileges to load malicious microcode patches, bypassing cryptographic signature checks. Dubbed “EntrySign,” this flaw stems from AMD’s use of the AES-CMAC algorithm as a hash function during microcode validation—a design decision that enables collision attacks and signature forgery. Microcode…


  • A critical security vulnerability in Apache Pinot, designated CVE-2024-56325, has been disclosed. It allows unauthenticated, remote attackers to bypass authentication mechanisms and gain unauthorized access to sensitive systems. Researchers from the Knownsec 404 Team discovered the flaw and disclosed it through Trend Micro’s Zero Day Initiative. The flaw’s maximum CVSS v3.0 score of 9.8 reflects…


  • DuckDuckGo has big plans for embedding AI into its search engine. The privacy-focused company just announced that its AI-generated answers, which appear for certain queries on its search engine, have exited beta and now source information from across the web — not just Wikipedia. It will soon integrate web search within its AI chatbot, which…


  • Cisco Systems has issued a critical security advisory addressing a command injection vulnerability in its Nexus 3000 and 9000 Series Switches operating in standalone NX-OS mode.  Designated as CVE-2025-20161, the flaw allows authenticated local attackers with administrative privileges to execute arbitrary commands on the underlying operating system with root-level access.  The vulnerability, discovered during internal…


  • GitLab has issued a security advisory warning of multiple high-risk vulnerabilities in its DevOps platform, including two critical Cross-Site Scripting (XSS) flaws enabling attackers to bypass security controls and execute malicious scripts in user browsers.  The vulnerabilities – tracked as CVE-2025-0475 (CVSS 8.7) and CVE-2025-0555 (CVSS 7.7) – affect self-managed instances across multiple versions, with…


  • A critical security vulnerability in LibreOffice (CVE-2025-0514) has been patched after researchers discovered that manipulated documents could bypass safeguards and execute malicious files on Windows systems. The flaw, rated 7.2 on the CVSS v4.0 scale, exposes users to potential remote code execution (RCE) attacks by exploiting LibreOffice’s hyperlink handling mechanism. The vulnerability stems from improper…


  • Xerox Versalink printers are vulnerable to pass-back attacks. Rapid7 discovers LDAP & SMB flaws (CVE-2024-12510 & CVE-2024-12511). Update…


  • A critical vulnerability in Apache Ignite, tracked as CVE-2024-52577, exposes systems to remote code execution (RCE) attacks due to improper enforcement of class serialization filters. Rated CVSS 9.8, this flaw affects Ignite versions 2.6.0 through 2.16.x, enabling attackers to execute arbitrary code by exploiting deserialization weaknesses in server endpoints. Apache Ignite, a distributed in-memory database…


  • A high-severity security vulnerability, identified as CVE-2024-21966, has been discovered in the AMD Ryzen Master Utility, a software tool designed to optimize the performance of AMD Ryzen processors.  The vulnerability, classified as DLL hijacking, could allow attackers to execute arbitrary code and escalate privileges on affected systems.  With a CVSS score of 7.3, this vulnerability…


  • A newly disclosed high-severity vulnerability in WinZip, tracked as CVE-2025-1240, enables remote attackers to execute arbitrary code on affected systems by exploiting malformed 7Z archive files. The flaw, rated 7.8 on the CVSS scale, impacts WinZip 28.0 (Build 16022) and earlier versions, requiring users to update to WinZip 29.0 to mitigate risks. WinZip Vulnerability –…


  • Palo Alto Networks has disclosed a critical vulnerability (CVE-2025-010) in its PAN-OS software that could allow attackers to bypass authentication on the management web interface. This flaw, which has been assigned a CVSS Base Score of 8.8, poses a significant risk to organizations using affected versions of PAN-OS. The vulnerability stems from an authentication bypass…


  • Devolutions has disclosed critical vulnerabilities in its Remote Desktop Manager (RDM) software, which could allow attackers to intercept and modify encrypted communications through man-in-the-middle (MITM) attacks. These flaws stem from improper certificate validation across all platforms and have been assigned high-severity CVE identifiers. CVE-2025-1193 Improper Host Validation CVE-2025-1193 has been assigned to this vulnerability, with…


  • A significant security vulnerability has been identified in Windows, allowing attackers to remotely delete targeted files on affected systems. This vulnerability, tracked as CVE-2025-21391, was disclosed on February 11, 2025, and is classified as an Elevation of Privilege vulnerability with a severity rating of “Important.” CVE-2025-21391 exploits a flaw known as “Improper Link Resolution Before…


  • Two critical username enumeration vulnerabilities were identified in the AWS Web Console, exposing all console-enabled Identity and Access Management (IAM) users to potential risk.  These vulnerabilities, discovered by Rhino Security Labs, highlight security issues on AWS’s side of the Shared Responsibility Model, contrasting with the usual focus on customer-side security (“Security in the Cloud”).  While…
