#security-flaws

[ follow ]
fromThe Hacker News
1 week ago

Cisco Confirms Active Exploits Targeting ISE Flaws Enabling Unauthenticated Root Access

Cisco updated its advisory regarding critical vulnerabilities in Identity Services Engine, acknowledging active exploitation. Some vulnerabilities were attempted to be exploited in the wild as of July 2025.
Information security
fromTheregister
3 weeks ago

Microsoft's first Patch Tuesday of 2025 with nothing hacked

For the first time this year, Microsoft has released a Patch Tuesday bundle with no exploited security problems, although one has been made public. July's software flaw fix package includes 130 patches with one earning a CVSS score of over nine - CVE-2025-47981, which breaks SPNEGO security protocols with a heap-based buffer overflow that allows remote code execution. The other nine critical issues include four in Office, where four flaws allow for remote code execution.
Privacy professionals
fromGadgets 360
1 month ago

This Coros Smartwatch Flaw Lets Malicious Users View Data, Notifications

The security flaws were discovered by a German IT firm when the Coros Watch 3 was paired with an Android smartphone, allowing unauthorized access to private data.
Gadgets
#cybersecurity
fromThe Hacker News
1 month ago
Information security

Hard-Coded 'b' Password in Sitecore XP Sparks Major RCE Risk in Enterprise Deployments

Sitecore Experience Platform has critical security flaws allowing pre-authenticated remote code execution.
fromThe Hacker News
3 months ago
Information security

Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws

EncryptHub displays a dual identity as both a cybersecurity contributor and a potential cybercriminal, navigating between ethical and unethical practices.
more#cybersecurity
fromZDNET
1 month ago

Qualcomm patches three exploited security flaws, but you could still be vulnerable

Qualcomm has patched three critical zero-day security vulnerabilities related to its Adreno GPU driver, indicating ongoing exploitation risks.
fromThe Hacker News
3 months ago

Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised

Critical vulnerabilities in Craft CMS are being exploited in zero-day attacks, requiring immediate attention from users.
fromTheregister
4 months ago

Apple belatedly fixes exploited flaws in older OSes

Apple's recent OS updates patch several older versions, addressing major vulnerabilities like CVE-2025-24200, affirming its commitment to security across all product lines.
Apple
[ Load more ]