Week in review: MITRE ATT&CK v17.0 released, PoC for Erlang/OTP SSH bug is public

April 27, 2025

Week in review: MITRE ATT&CK v17.0 released, PoC for Erlang/OTP SSH bug is public

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
Released: MITRE ATT&CK v17.0, now with ESXi attack TTPs
MITRE has released the latest version of its A …

Published Date:
Apr 27, 2025 (4 hours, 17 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-34028

CVE-2025-32433

CVE-2025-27610

Source: Read More

Previous ArticleCVE-2024-52887 – Shrew Soft VPN Bookmark Script Injection Vulnerability

Next Article Building Rich Text Editors with React – Tiptap UI Components

Highlights

CVE-2025-32976 – Quest KACE Systems Management Appliance Two-Factor Authentication Bypass Vulnerability

June 24, 2025

CVE ID : CVE-2025-32976

Published : June 24, 2025, 3:15 p.m. | 3 hours, 38 minutes ago

Description : Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) contains a logic flaw in its two-factor authentication implementation that allows authenticated users to bypass TOTP-based 2FA requirements. The vulnerability exists in the 2FA validation process and can be exploited to gain elevated access.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

From Data To Decisions: UX Strategies For Real-Time Dashboards

Honeycomb launches AI observability suite for developers

Low-Code vs No-Code Platforms for Node.js: What CTOs Must Know Before Investing

ServiceNow unveils Zurich AI platform

Building personal apps with open source and AI

What Can We Actually Do With corner-shape?

Craft, Clarity, and Care: The Story and Work of Mengchu Yao

Distribution Release: Q4OS 6.1

Optimizely Mission Control – Part III

Optimizely Mission Control – Part III

Learning from PHP Log to File Example

Online EMI Calculator using PHP – Calculate Loan EMI, Interest, and Amortization Schedule

sudo vs sudo-rs: What You Need to Know About the Rust Takeover of Classic Sudo Command

sudo vs sudo-rs: What You Need to Know About the Rust Takeover of Classic Sudo Command

Dmitry — The Deep Magic

Right way to record and share our Terminal sessions

Week in review: MITRE ATT&CK v17.0 released, PoC for Erlang/OTP SSH bug is public

Week in review: MITRE ATT&CK v17.0 released, PoC for Erlang/OTP SSH bug is public

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

The Elder Scrolls 4: Oblivion Remastered has already reached 4 million players in its first week

PHPVerse with Brent Roose

CVE-2024-11142 – Gosoft Software Proticaret E-Commerce CSRF Vulnerability

Scattered Spider Hacker Gets 10 Years, $13M Restitution for SIM Swapping Crypto Theft

CVE-2025-32976 – Quest KACE Systems Management Appliance Two-Factor Authentication Bypass Vulnerability

CHIRP – GUI tool for programming ham radios

CVE-2025-6676 – Drupal Simple XML Sitemap Cross-Site Scripting (XSS)

CVE-2025-52876 – JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability

Week in review: MITRE ATT&CK v17.0 released, PoC for Erlang/OTP SSH bug is public

Week in review: MITRE ATT&CK v17.0 released, PoC for Erlang/OTP SSH bug is public

Related Posts