News
Entertainment
Science & Technology
Life
Culture & Art
Hobbies
News
Entertainment
Science & Technology
Culture & Art
Hobbies
Zimbra Zero-Day Exploitation Vector: Malicious ICS Files Targeting Brazil’s Military - SecPod Blog
The discovery and exploitation of CVE-2025-27915, a stored cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite (ZCS), underscores the persistent threat posed by input sanitization flaws in widely used enterprise software. This now-patched zero-day vulnerability was actively exploi
CVE-2025-61882: Why Clop’s Latest Oracle EBS Strike Should Scare You - SecPod Blog
Oracle E-Business Suite (EBS), a comprehensive suite of enterprise resource planning (ERP) applications, is integral to managing core business operations for numerous organizations worldwide. It handles critical functions across finance, HR, and supply chain management. Recently, a critical zero-
China-Linked APT Exploits VMware Zero-Day Vulnerability Active Since October 2024 - SecPod Blog
A newly discovered and actively exploited local privilege escalation vulnerability in VMware Tools and Aria Operations, tracked as CVE-2025-41244, has been leveraged as a zero-day since mid-October 2024. The exploitation has been attributed to UNC5174, a China-linked advanced persistent threat (APT)
Under Medusa's Gaze: GoAnywhere Zero-Day Powers Ransomware Attacks - SecPod Blog
Executive Summary A critical deserialization vulnerability in Fortra GoAnywhere MFT (CVE-2025-10035 , with a CVSS score of 10.0) has been actively exploited by a Medusa ransomware affiliate tracked as Storm-1175 to gain unauthenticated remote code execution against internet-exposed Admin Consoles
Technical Breakdown: How the ArcaneDoor Group Leverages Multiple Cisco Zero-Days for Stealthy Infiltration - SecPod Blog
A sophisticated, state-sponsored threat actor tracked as ArcaneDoor is actively exploiting two new zero-day vulnerabilities in Cisco firewalls. The campaign deploys a dangerous malware cocktail to conduct espionage against government networks. Threat: A highly advanced campaign targeting critica
Versa Director Zero-Day Under Siege: Volt Typhoon and Bronze Silhouette Campaign - SecPod Blog
Cybercriminal groups and nation aligned advanced persistent threats (APTs) are increasingly converging on stealth first, persistence focused, and monetization driven operations. Recent reporting shows both financially motivated actors and suspected state aligned groups actively exploiting a critical
Cisco Issues Urgent Warning on Exploited IOS Zero-Day Vulnerability - SecPod Blog
The disclosure of a high-severity zero-day vulnerability in Cisco IOS and IOS XE Software exposes a critical weakness in the Simple Network Management Protocol (SNMP) subsystem. Tracked as CVE-2025-20352, the flaw is already being actively exploited in the wild, placing countless organizations at im
Inside UNC5221’s BRICKSTORM: Unmasking a Stealthy Espionage Backdoor - SecPod Blog
Executive summary Since at least early 2025, a suspected China-nexus cluster, tracked as UNC5221, has deployed the BRICKSTORM backdoor using the vulnerabilities CVE-2023-46805 and CVE-2024-21887 to establish long-term, stealthy access to high-value targets, notably legal services, SaaS providers,
CISA Issues Emergency Directive as Cisco ASA Zero-Day Exploited in the Wild - SecPod Blog
Cisco has issued an urgent security advisory, urging customers to patch two critical zero-day vulnerabilities affecting the VPN web server components of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software. These flaws are actively
CVE-2025-26399: SolarWinds Patches Critical Remote Code Execution Vulnerability - SecPod Blog
SolarWinds has issued hotfixes to patch a critical Web Help Desk security vulnerability that could enable remote attackers to execute arbitrary commands on impacted systems. Vulnerability Details The vulnerability, tracked as CVE-2025-26399 with a CVSS score of 9.8, stems from the insecure des
From License to Root: Critical Flaw in Fortra GoAnywhere MFT - SecPod Blog
A critical vulnerability has been identified in Fortra's GoAnywhere Managed File Transfer (MFT) platform, posing a significant risk to organizations that rely on this software for secure file exchange. The flaw, identified as CVE-2025-10035, has been assigned a CVSS score of 10.0, the highest possib
Firewall on Fire: Critical CVE-2025-9242 Hits WatchGuard Firebox - SecPod Blog
WatchGuard has issued urgent security updates to address a critical vulnerability, CVE-2025-9242, affecting its Firebox firewalls. This high-severity flaw could allow a remote, unauthenticated attacker to execute arbitrary code on vulnerable devices, potentially leading to complete system compromise
Automating Endpoint Management: Best Practices for IT Teams - SecPod Blog
Every organization in the world relies on laptops, mobile devices, servers, and IoT equipment. Each device provides business applications and but also might hold sensitive data, which can pose a potential risk if left unmanaged. Manually checking and managing these endpoints is practically impossibl
How the TP-Link 0-Day Bypasses ASLR: A Technical Post-Mortem - SecPod Blog
A critical zero-day remote code execution (RCE) vulnerability, identified as CVE-2025-9961, with CVSS and EPSS scores of 8.6 and 0.10% respectively, has been discovered in TP-Link routers. Security researchers have released a proof-of-concept (PoC) exploit, demonstrating how attackers can bypass Add
TA558: AI-Powered Attacks Target Hospitality Sector - SecPod Blog
A persistent cybercriminal group tracked as TA558, also known by aliases such as RevengeHotels, has been actively targeting hospitality, hotel, and travel organizations since at least 2015. This group, primarily financially motivated, has evolved its tactics, techniques, and procedures (TTPs) to inc
Linux CUPS: Remote DoS and Authentication Bypass Exploit - SecPod Blog
The discovery of CVE-2025-58364 and CVE-2025-58060 reveals two critical weaknesses in the Linux Common Unix Printing System (CUPS). Exploiting these vulnerabilities could enable remote denial-of-service and authentication bypass attacks, endangering millions of systems that rely on CUPS as a fundame
Deserialization Derailment: Dassault’s DELMIA Flaw Goes Live - SecPod Blog
DELMIA Apriso is utilized in production processes for digitalization and monitoring, with widespread deployment in automotive, aerospace, electronics, high-tech, and industrial machinery divisions. It supports various functions, including production scheduling, quality management, resource allocatio
Why Teams Miss Critical Risks - Anatomy of a Prioritization Failure - SecPod Blog
Most breaches don’t happen because teams lack alerts—they happen because teams can’t prioritize the right ones. Learn the anatomy of prioritization failure, the business cost of missed risks, and how PREVENT helps security leaders cut through noise, focus on what matters, and stop breaches before they start.
Saner Cloud - Your Ticket to Enter the Cloud Security Conversation with Enterprise Buyers - SecPod Blog
Cloud is no longer a side note in enterprise IT. It is the enterprise. Business-critical applications, customer data, and digital infrastructure now live in AWS and Azure, managed by fast-moving DevOps and cloud teams. But as cloud adoption grows, so do the cracks. Misconfigurations, over-permis
WeepSteel Rises: Attackers Exploit Critical Sitecore Deserialization Bug - SecPod Blog
Executive Summary A critical zero-day vulnerability in Sitecore, tracked as CVE-2025-53690, has been exploited in the wild to deploy the WeepSteel backdoor. This flaw, an insecure deserialization issue, allows attackers to craft malicious ViewState payloads using default or sample ASP.NET machine
81 Flaws Fixed, Two Zero Days In Microsoft's September 2025 Patch Tuesday - SecPod Blog
The biggest day of the month is here! This Patch Tuesday, Microsoft has released patches for 81 flaws, including 9 critical bugs and 2 zero-days. The chart below displays the types of flaws that have been patched today. Elevation of Privilege is the most common vulnerability type with 41 p
Critical Chrome Security Update Patches Remote Code Execution Flaws - SecPod Blog
Google has released an urgent security update for the Chrome browser across Windows, Mac, and Linux platforms to address critical vulnerabilities that could enable remote attackers to execute arbitrary code. Chrome users are strongly encouraged to update their browsers immediately to safeguard again
FortiDDoS Appliances Vulnerable to OS Command Injection, Urges Immediate Patching - SecPod Blog
Fortinet has recently addressed a medium-severity OS command injection vulnerability, CVE-2024-45325, in its FortiDDoS-F appliances. This flaw could allow a privileged attacker to execute unauthorized commands via the command-line interface (CLI). Given the critical role FortiDDoS-F appliances play
Critical SessionReaper Flaw in Adobe Commerce Puts Customer Accounts at Risk - SecPod Blog
A critical vulnerability, CVE-2025-54236, dubbed "SessionReaper," has been identified in Adobe Commerce and Magento Open Source platforms, potentially allowing attackers to seize control of customer accounts. The severity of this flaw has prompted Adobe to release an emergency patch outside of its r
Built for Partners - The Unified Security Platform You Can Rely On – Saner Platform - SecPod Blog
In the enterprise cybersecurity market that has been getting increaasingly complex, partners today face a dilemma. Enterprises are spending more than ever on security, yet breaches, misconfigurations, and compliance failures keep making headlines. Budgets are fragmented across point solutions, but e
ImageMagick RCE Vulnerability: A Hacker’s Magic Wand - SecPod Blog
A high-severity security vulnerability, CVE-2025-57803, has been identified in ImageMagick, a widely used open-source image processing software. This flaw could allow remote attackers to execute arbitrary code on vulnerable systems. The vulnerability stems from a 32-bit integer overflow within the B
FreePBX Rings Red: Zero-Day Lets Attackers Dial in as Root - SecPod Blog
FreePBX administrators are facing urgent calls to secure their systems against an actively exploited zero-day vulnerability in the commercial Endpoint Manager module. The Security Team has confirmed that this critical flaw, identified as CVE-2025-57819, allows attackers to execute code remotely on v