Swap EOL Zyxel routers, upgrade Netgear ones!

There will be no patches for EOL Zyxel routers under attack via CVE-2024-40891, the company has confirmed. Meanwhile, Netgear has issued patches for critical flaws affecting its routers and wireless access points. Zyxel vulnerability: Exploited, no pat… Continue reading Swap EOL Zyxel routers, upgrade Netgear ones!

Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085)

Apple has shipped a fix for a zero-day vulnerability (CVE-2025-24085) that is being leveraged by attackers against iPhone users. About CVE-2025-24085 CVE-2025-24085 is a use after free bug in CoreMedia, a framework used by Apple devices for the process… Continue reading Apple zero-day vulnerability exploited to target iPhone users (CVE-2025-24085)

5,000+ SonicWall firewalls still open to attack (CVE-2024-53704)

5,000+ SonicWall firewalls are still vulnerable to attack via a high-severity vulnerability (CVE-2024-53704) that, according to SonicWall, should be considered “at imminent risk of exploitation”. The warning came last week from Bishop Fox r… Continue reading 5,000+ SonicWall firewalls still open to attack (CVE-2024-53704)

Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw

Cisco has released patches for a critical privilege escalation vulnerability in Meeting Management (CVE-2025-20156) and a heap-based buffer overflow flaw (CVE-2025-20128) that, when triggered, could terminate the ClamAV scanning process on endpoints ru… Continue reading Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw

SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)

A critical zero-day vulnerability (CVE-2025-23006) affecting SonicWall Secure Mobile Access (SMA) 1000 Series appliances is being exploited by attackers. “We strongly advises users of the SMA1000 product to upgrade to the hotfix release version t… Continue reading SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006)

Update your OpenWrt router! Security issue made supply chain attack possible

A security issue that could have allowed attackers to serve malicious firmware images to users has been fixed by OpenWrt Project, the organization that helms the development of the popular Linux distribution for embedded devices. About OpenWrt OpenWrt … Continue reading Update your OpenWrt router! Security issue made supply chain attack possible

Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)

November 2024 Patch Tuesday is here, and Microsoft has dropped fixes for 89 new security issues in its various products, two of which – CVE-2024-43451 and CVE-2024-49039 – are actively exploited by attackers. The exploited vulnerabilities (… Continue reading Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)

Google patches actively exploited Android vulnerability (CVE-2024-43093)

Google has delivered fixes for two vulnerabilities endangering Android users that “may be under limited, targeted exploitation”: CVE-2024-43047, a flaw affecting Qualcomm chipsets, and CVE-2024-43093, a vulnerability in the Google Play fram… Continue reading Google patches actively exploited Android vulnerability (CVE-2024-43093)

Millions of Synology NAS devices vulnerable to zero-click attacks (CVE-2024-10443)

Synology has released fixes for an unauthenticated “zero-click” remote code execution flaw (CVE-2024-10443, aka RISK:STATION) affecting its popular DiskStation and BeeStation network attached storage (NAS) devices. About CVE-2024-10443 CVE-… Continue reading Millions of Synology NAS devices vulnerable to zero-click attacks (CVE-2024-10443)

Ransomware hits web hosting servers via vulnerable CyberPanel instances

A threat actor – or possibly several – has hit approximately 22,000 vulnerable instances of CyberPanel and encrypted files on the servers running it with the PSAUX and other ransomware. The PSAUX ransom note (Source: LeakIX) The CyberPanel … Continue reading Ransomware hits web hosting servers via vulnerable CyberPanel instances