Overview

  • Microsoft
  • .NET 8.0

14 May 2024
Published
03 May 2025
Updated

CVSS v3.1
MEDIUM (6.3)
EPSS
0.29%

KEV

Description

.NET and Visual Studio Remote Code Execution Vulnerability

Statistics

  • 1 Post

Last activity: 23 hours ago

Bluesky

📌 Critical 7-Zip Vulnerability (CVE-2024-30045) with Public Exploit Requires Immediate Manual Update https://www.cyberhub.blog/article/15979-critical-7-zip-vulnerability-cve-2024-30045-with-public-exploit-requires-immediate-manual-update
  • 23h ago

Overview

  • Google
  • Chrome

17 Nov 2025
Published
20 Nov 2025
Updated

CVSS
Pending
EPSS
16.09%

Description

Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Statistics

  • 1 Post

Last activity: 19 hours ago

Bluesky

Google publishes a security fix for the actively exploited Chrome V8 zero-day vulnerability. The vulnerability in question is CVE-2025-13223 (CVSS score: 8.8). #ciberseguridad #cybersecurity www.linkedin.com/pulse/google...
  • 19h ago

Overview

  • DB Electronica Telecomunicazioni S.p.A.
  • Mozart FM Transmitter

26 Nov 2025
Published
26 Nov 2025
Updated

CVSS v4.0
CRITICAL (9.3)
EPSS
Pending

KEV

Description

Arbitrary File Overwrite via Tar Extraction Path Traversal in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform tar extraction with `-C /`, allowing arbitrary file overwrite via a crafted archive. The `restore_mozzi_memories.sh` script extracts user-controlled tar archives with the `-C /` flag, depositing contents to the filesystem root without path validation. When combined with the unauthenticated file upload vulnerabilities (CVE-01, CVE-06, CVE-07), attackers can craft malicious .tgz archives containing path-traversed filenames (e.g., `etc/shadow`, `var/www/index.php`) to overwrite critical system files in writable directories, achieving full system compromise.

Statistics

  • 1 Post

Last activity: 7 hours ago

Fediverse

🚨 CVE-2025-66262 (CRITICAL): Mozart FM Transmitters (v30–7000) vulnerable to arbitrary file overwrite via tar extraction path traversal in restore_mozzi_memories.sh. Attackers can fully compromise devices. Patch & restrict uploads! radar.offseq.com/threat/cve-20

  • 7h ago

Overview

  • wazuh
  • wazuh

10 Feb 2025
Published
21 Oct 2025
Updated

CVSS v3.1
CRITICAL (9.9)
EPSS
93.80%

Description

Wazuh is a free and open source platform used for threat prevention, detection, and response. Starting in version 4.4.0 and prior to version 4.9.1, an unsafe deserialization vulnerability allows for remote code execution on Wazuh servers. DistributedAPI parameters are serialized as JSON and deserialized using `as_wazuh_object` (in `framework/wazuh/core/cluster/common.py`). If an attacker manages to inject an unsanitized dictionary in a DAPI request/response, they can forge an unhandled exception (`__unhandled_exc__`) to evaluate arbitrary Python code. The vulnerability can be triggered by anybody with API access (compromised dashboard or Wazuh servers in the cluster) or, in certain configurations, even by a compromised agent. Version 4.9.1 contains a fix.

Statistics

  • 2 Posts

Last activity: 4 hours ago

Fediverse

🚨 New plugin: WazuhPlugin (CVE-2025-24016).

Wazuh default credentials and RCE vulnerability detection - RCE possible on multi-node configurations, versions 4.4.0 to 4.9.1 affected.

Results: leakix.net/search?q=%2Bplugin%

  • 4h ago

Overview

  • SEIKO EPSON CORPORATION
  • EPSON WebConfig for SEIKO EPSON Projector Products

21 Nov 2025
Published
21 Nov 2025
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
0.06%

KEV

Description

EPSON WebConfig and Epson Web Control for SEIKO EPSON Projector Products do not restrict excessive authentication attempts. An administrative user's password may be identified through a brute force attack.

Statistics

  • 1 Post

Last activity: 13 hours ago

Bluesky

Serious vulnerability in the web management function of Epson projectors (CVE-2025-64310) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security
  • 13h ago

Overview

  • Microsoft
  • Windows 10 Version 1809

11 Mar 2025
Published
21 Oct 2025
Updated

CVSS v3.1
HIGH (7.0)
EPSS
9.34%

Description

Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.

Statistics

  • 1 Post

Last activity: 16 hours ago

Bluesky

~Zscaler~ Water Gamayun APT exploits CVE-2025-26633 via lookalike domains to deliver multi-stage PowerShell payloads. - IOCs: belaysolutions[. ]link, 103. 246. 147. 17 - #CVE202526633 #ThreatIntel #WaterGamayun
  • 16h ago

Overview

  • Pending

Pending
Published
05 Jul 2025
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Statistics

  • 1 Post

Last activity: 21 hours ago

Bluesky

Heads up, #Fedora users. A serious security update has landed. The Fedora Project has released a patch for a high-severity memory corruption vulnerability in Chromium (CVE-2025-1234). Read more: 👉 tinyurl.com/22z3x3rt #Security
  • 21h ago

Overview

  • DB Electronica Telecomunicazioni S.p.A.
  • Mozart FM Transmitter

26 Nov 2025
Published
26 Nov 2025
Updated

CVSS v4.0
CRITICAL (9.2)
EPSS
Pending

KEV

Description

Unauthenticated Arbitrary File Upload (status_contents.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM Transmitter versions 30, 50, 100, 300, 500, 1000, 2000, 3000, 3500, 6000, 7000 allows an attacker to perform unauthenticated arbitrary file upload via /var/tdf/status_contents.php.

Statistics

  • 1 Post

Last activity: 2 hours ago

Bluesky

🚨 CVE-2025-66250 — DB Electronica FM Transmitters Attackers can upload arbitrary files without authentication. This can lead to full device takeover and malware deployment. Urgent patching required. 🔗 basefortify.eu/cve_reports/... #CVE #ICS #IoT #SecurityRisk #Firmware
  • 2h ago

Overview

  • Microsoft
  • Windows Server 2019

14 Oct 2025
Published
22 Nov 2025
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
64.04%

Description

Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.

Statistics

  • 1 Post

Last activity: 23 hours ago

Fediverse

ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access
thehackernews.com/2025/11/shad
A recently patched security flaw in Microsoft Windows Server Update Services (WSUS) has been exploited by threat actors to distribute ShadowPad malware.
“The attacker targeted Windows Servers with WSUS enabled, exploiting CVE-2025-59287 for initial access,” AhnLab Security Intelligence Center (ASEC) said in a report published last week. “They then used PowerCat, an open-source PowerShell-based Netcat utility, to obtain a system shell (CMD). Subsequently, they downloaded and installed ShadowPad using certutil and curl.”
Once installed, the malware launches a core module responsible for loading additional plugins embedded in the shellcode into memory. It incorporates multiple anti-detection and persistence techniques. The activity has not been attributed to any known threat actor.
“After the proof-of-concept (PoC) exploit code for the vulnerability was publicly released, attackers quickly weaponized it to distribute ShadowPad malware via WSUS servers,” AhnLab said. “This vulnerability is critical because it allows remote code execution with system-level permission, significantly increasing the potential impact.”

  • 23h ago

Overview

  • Facebook
  • WhatsApp Desktop for Mac

29 Aug 2025
Published
21 Oct 2025
Updated

CVSS v3.1
MEDIUM (5.4)
EPSS
1.12%

Description

Incomplete authorization of linked device synchronization messages in WhatsApp for iOS prior to v2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78 could have allowed an unrelated user to trigger processing of content from an arbitrary URL on a target’s device. We assess that this vulnerability, in combination with an OS-level vulnerability on Apple platforms (CVE-2025-43300), may have been exploited in a sophisticated attack against specific targeted users.

Statistics

  • 1 Post

Last activity: 22 hours ago

Fediverse

Telegram, WhatsApp and Signal Targeted by Spyware. CISA Warns

An important advisory was published on Monday by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), warning that malicious actors are actively using commercial spyware tools and remote access trojans (RATs) to target users of mobile messaging apps.

“These cyber criminals use sophisticated targeting and social engineering techniques to deliver spyware and gain unauthorized access to the victim’s messaging app, facilitating the deployment of additional malicious payloads that can further compromise the victim’s mobile device,” the U.S. agency said.

CISA cited several campaigns that have emerged since the start of the year as examples. Among them:

  • The Signal messaging app was targeted by multiple Russia-aligned threat actors, exploiting the service’s “linked devices” feature to hijack targeted user accounts.
  • Android spyware campaigns codenamed ProSpy and ToSpy that impersonate apps such as Signal and ToTok to target users in the United Arab Emirates and deliver malware that establishes persistent access to compromised Android devices and exfiltrates data
  • An Android spyware campaign called ClayRat targeted users in Russia using Telegram channels and lookalike phishing pages, impersonating popular apps such as WhatsApp, Google Photos, TikTok and YouTube to trick users into installing them and steal sensitive data.
  • A targeted attack campaign that likely chained two security flaws in iOS and WhatsApp (CVE-2025-43300 and CVE-2025-55177) to target fewer than 200 WhatsApp users
  • A targeted attack campaign that involved the exploitation of a Samsung security flaw (CVE-2025-21042) to deliver an Android spyware named LANDFALL to Galaxy devices in the Middle East

According to the agency, the threat actors use various strategies to achieve compromise, including the use of device-linking QR codes, exploiting zero-click vulnerabilities, and distributing counterfeit versions of messaging applications.

To counter the threat, the agency is urging highly targeted individuals to review and adhere to the following best practices:

  • Use only end-to-end encrypted (E2EE) communications
  • Enable phishing-resistant Fast Identity Online (FIDO) authentication
  • Move away from Short Message Service (SMS)-based multi-factor authentication (MFA)
  • Use a password manager to store all passwords
  • Set a telecommunications provider PIN to protect mobile phone accounts
  • Update software regularly
  • Choose the latest hardware version from the mobile phone manufacturer to maximize security benefits
  • Do not use a personal virtual private network (VPN)
  • On iPhones, enable Lockdown Mode, enroll in iCloud Private Relay, and review and restrict sensitive app permissions
  • On Android phones, choose phones from manufacturers with a strong security track record, use Rich Communication Services (RCS) only if E2EE is enabled, turn on Enhanced Protection for Safe Browsing in Chrome, make sure Google Play Protect is on, and review and limit app permissions

CISA reports that high-profile individuals are being targeted in particular, including current and former government, military and political officials, as well as civil sector organizations and private citizens located in the United States, the Middle East and Europe, as CISA emphasized.

The article “Telegram, WhatsApp and Signal Targeted by Spyware. CISA Warns” comes from Red Hot Cyber.

  • 22h ago