The Zelle lawsuit 2025 is making headlines as New York Attorney General Letitia James takes legal action against Early Warning…
Security
Google said it’s implementing a new policy requiring developers of cryptocurrency exchanges and wallets to obtain government licenses before publishing…
A U.S. federal court has sentenced two Estonian nationals to prison for running a massive cryptocurrency HashFlare Ponzi scheme that…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two high-risk vulnerabilities in N-able N-central to its Known Exploited…
Story teaser text: Cybersecurity leaders face mounting pressure to stop attacks before they start, and the best defense may come…
Cybersecurity researchers have disclosed a new Android trojan called PhantomCard that abuses near-field communication (NFC) to conduct relay attacks for…
You check that the windows are shut before leaving home. Return to the kitchen to verify that the oven and…
A critical security vulnerability has recently been discovered in certain versions of Zoom Clients for Windows that could expose users…
Japan’s CERT coordination center (JPCERT/CC) on Thursday revealed it observed incidents that involved the use of a command-and-control (C2) framework…
Multiple HTTP/2 implementations have been found susceptible to a new attack technique called MadeYouReset that could be explored to conduct…
CVE ID : CVE-2025-7774
Published : Aug. 14, 2025, 2:15 p.m. | 9 hours, 49 minutes ago
Description : A security issue exists within the 5032 16pt Digital Configurable module’s web server. Intercepted session credentials can be used within a 3-minute timeout window, allowing unauthorized users to perform privileged actions.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-7973
Published : Aug. 14, 2025, 2:15 p.m. | 9 hours, 49 minutes ago
Description : A security issue exists in FactoryTalk ViewPoint version 14.0 or below due to improper handling of MSI repair operations. During a repair, attackers can hijack the cscript.exe console window, which runs with SYSTEM privileges. This can be exploited to spawn an elevated command prompt, enabling full privilege escalation.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-9036
Published : Aug. 14, 2025, 2:15 p.m. | 9 hours, 49 minutes ago
Description : A security issue in the runtime event system allows unauthenticated connections to receive a reusable API token. This token is broadcasted over a WebSocket and can be intercepted by any local client listening on the connection.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-40758
Published : Aug. 14, 2025, 3:15 p.m. | 8 hours, 49 minutes ago
Description : A vulnerability has been identified in Mendix SAML (Mendix 10.12 compatible) (All versions
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-7972
Published : Aug. 14, 2025, 3:15 p.m. | 8 hours, 49 minutes ago
Description : A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NODE_ENV to ‘development’, the attacker can disable FTSP token validation. This bypass allows access to create, update, and delete FTLinx drivers.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-8875
Published : Aug. 14, 2025, 3:15 p.m. | 8 hours, 49 minutes ago
Description : Deserialization of Untrusted Data vulnerability in N-able N-central allows Local Execution of Code.This issue affects N-central: before 2025.3.1.
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-8876
Published : Aug. 14, 2025, 3:15 p.m. | 8 hours, 49 minutes ago
Description : Improper Input Validation vulnerability in N-able N-central allows OS Command Injection.This issue affects N-central: before 2025.3.1.
Severity: 9.4 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-9041
Published : Aug. 14, 2025, 3:15 p.m. | 8 hours, 49 minutes ago
Description : A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the 5094-IF8 device. It causes the module to enter a fault state with the Module LED flashing red. Upon un-inhibiting, the module returns a connection fault (Code 16#0010), and the module cannot recover without a power cycle.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-9042
Published : Aug. 14, 2025, 3:15 p.m. | 8 hours, 49 minutes ago
Description : A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the 5094-IY8 device. It causes the module to enter a fault state with the Module LED flashing red. Upon un-inhibiting, the module returns a connection fault (Code 16#0010), and the module cannot recover without a power cycle.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-20133
Published : Aug. 14, 2025, 5:15 p.m. | 6 hours, 49 minutes ago
Description : A vulnerability in the management and VPN web servers of the Remote Access SSL VPN feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly stop responding, resulting in a DoS condition.
This vulnerability is due to ineffective validation of user-supplied input during the Remote Access SSL VPN authentication process. An attacker could exploit this vulnerability by sending a crafted request to the VPN service on an affected device. A successful exploit could allow the attacker to cause a DoS condition where the device stops responding to Remote Access SSL VPN authentication requests.
Severity: 8.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more…