Microsoft Urges TPM 2.0 for Windows 11 Upgrade as Win 10 Support Nears End
Microsoft is eager for more users to migrate from Windows 10 to Windows 11—but only if their hardware meets the stringent system requirements, such as the presence of a TPM 2.0 chip (Trusted Platform …
Read more
Published Date:
Apr 21, 2025 (4 hours, 6 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2023-1017
CVE-2023-1018
Kimusky Hackers Exploiting RDP & MS Office Vulnerabilities in Targeted Attacks
A sophisticated Advanced Persistent Threat (APT) operation named Larva-24005, linked to the notorious Kimsuky threat group, has been discovered actively exploiting critical vulnerabilities in Remote D …
Read more
Published Date:
Apr 21, 2025 (3 hours, 13 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2019-0708
CVE-2017-11882
Critical ASUS Router Vulnerability Let Attackers Malicious Code Remotely
A critical security vulnerability has been discovered in ASUS routers featuring the AiCloud service, exposing millions of devices to the risk of remote code execution by unauthenticated attackers.
The …
Read more
Published Date:
Apr 21, 2025 (2 hours, 6 minutes ago)
Vulnerabilities has been mentioned in this article.
Critical PyTorch Vulnerability Let Attackers Execute Remote Code
A critical vulnerability in PyTorch that allows attackers to execute malicious code remotely, even when using safeguards previously thought to mitigate such risks.
The vulnerability, identified as CVE …
Read more
Published Date:
Apr 21, 2025 (1 hour, 56 minutes ago)
Vulnerabilities has been mentioned in this article.
Speedify VPN macOS Vulnerability Let Attackers Escalate Privilege
A significant security vulnerability, tracked as CVE-2025-25364, was discovered in Speedify VPN’s macOS application, exposing users to local privilege escalation and full system compromise.
The flaw, …
Read more
Published Date:
Apr 21, 2025 (1 hour, 32 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE ID : CVE-2025-25228
Published : April 21, 2025, 8:15 a.m. | 2 hours, 41 minutes ago
Description : A SQL injection in VirtueMart component 1.0.0 – 4.4.7 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands in the product management area in backend.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-3837
Published : April 21, 2025, 10:15 a.m. | 41 minutes ago
Description : An improper input validation vulnerability is identified in the End of Life (EOL) OVA based connect component which is deployed for installation purposes in the customer internal network. This EOL component was deprecated in September 2023 with end of support extended till January 2024. Under certain circumstances, an actor can manipulate a specific request parameter and inject code execution payload which could lead to a remote code execution on the infrastructure hosting this component.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-3838
Published : April 21, 2025, 10:15 a.m. | 41 minutes ago
Description : An Improper Authorization vulnerability was identified in the EOL OVA based connect component which is deployed for installation purposes in the customer internal network. Under certain conditions, this could allow a bad actor to gain unauthorized access to the local db containing weakly hashed credentials of the installer. This EOL component was deprecated in September 2023 with end of support extended till January 2024.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-3840
Published : April 21, 2025, 10:15 a.m. | 41 minutes ago
Description : An improper neutralization of input vulnerability was identified in the End of Life (EOL) OVA based connect installer component which is deployed for installation purposes in a customer network. This EOL component was deprecated in September 2023 with end of support extended till January 2024. An actor can manipulate the action parameter of the login form to inject malicious scripts which would lead to a XSS attack under certain conditions.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Media Player Classic Qute Theater uses libmpv’s powerful media presentation framework to play video instead of DirectShow. The post Media…
FunOS si conferma come una delle distribuzioni GNU/Linux più apprezzate da chi cerca velocità, leggerezza e affidabilità. Il 20 aprile…
tracker is a terminal-based real-time satellite tracking and orbit prediction application. It’s written in Rust. The post tracker offers real-time…
Il panorama della sicurezza informatica in ambito open-source sta vivendo una fase di allarme crescente, come evidenziato dai più recenti…
Vpn-accounts op SonicWall-gateways sinds januari doelwit van aanvallen
Vpn-accounts op SonicWall-gateways zijn sinds januari het doelwit van aanvallen, zo stelt securitybedrijf Arctic Wolf. Mogelijk combineren de aanvallers gecompromitteerde vpn-accounts met een vier jaa …
Read more
Published Date:
Apr 19, 2025 (1 day, 20 hours ago)
Vulnerabilities has been mentioned in this article.
CVE-2021-20035
Critical Erlang/OTP SSH RCE bug now has public exploits, patch now
Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing unauthenticated attackers to remotely execute code on impacted devices.
Researchers at …
Read more
Published Date:
Apr 19, 2025 (1 day, 16 hours ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-32433
CVE-2025-32445 Privilege Escalation Flaw in Argo Events
CVE-2025-32445 is a critical privilege escalation vulnerability affecting Argo Events, an event-driven workflow automation framework designed for Kubernetes environments. The flaw enables users with p …
Read more
Published Date:
Apr 19, 2025 (1 day, 16 hours ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-32445
Operation ForumTroll Detailed out
Operation ForumTroll is a sophisticated Advanced Persistent Threat (APT) campaign that exploits a zero-day vulnerability (CVE-2025-2783) in Google Chrome. This operation was uncovered in March 2025 an …
Read more
Published Date:
Apr 19, 2025 (1 day, 16 hours ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-32445
CVE-2025-2783
Chinese APT IronHusky Deploys Updated MysterySnail RAT on Russia
Kaspersky researchers report the reappearance of MysterySnail RAT, a malware linked to Chinese IronHusky APT, targeting Mongolia and Russia after years of silence. Learn about its new tactics and modu …
Read more
Published Date:
Apr 19, 2025 (1 day, 9 hours ago)
Vulnerabilities has been mentioned in this article.
CVE-2021-40449
Cyber Security News Letter: Key Updates on Attacks, Vulnerabilities, & Data Breaches
Welcome to this week’s Cybersecurity Newsletter, where we provide the latest updates and critical insights from the swiftly changing realm of cybersecurity.This edition focuses on new threats and the …
Read more
Published Date:
Apr 21, 2025 (6 hours ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-31201
CVE-2025-31200
CVE-2025-20236
CVE-2025-30100
CVE-2025-24859
CVE-2025-24076
CVE-2025-24054
CVE-2021-20035
GitHub Enterprise Server Vulnerabilities Allows Arbitrary Code Execution
GitHub has issued urgent security updates for its Enterprise Server product after discovering multiple high-severity vulnerabilities, including a critical flaw (CVE-2025-3509) that allows attackers to …
Read more
Published Date:
Apr 21, 2025 (4 hours, 25 minutes ago)
Vulnerabilities has been mentioned in this article.
CVE-2025-3509
CVE-2025-3246
CVE-2025-3124