flaws

2 days ago

Microsoft Defender Spoofing Flaw Enables Privilege Escalation and AD Access

A newly disclosed spoofing vulnerability (CVE-2025-26685) in Microsoft Defender for Identity (MDI) enables unauthenticated attackers to capture Net-NTLM hashes of…
Read More »
5 days ago

Multiple Microsoft Office Vulnerabilities Enable Remote Code Execution by Attackers

Microsoft has disclosed four critical remote code execution (RCE) vulnerabilities in its Office suite as part of the June 2025…
Read More »
6 days ago

Microsoft Patch Tuesday June 2025 – 66 Vulnerabilities Patched Including 2 Zero-Day

Microsoft has released its June 2025 Patch Tuesday security updates, addressing a total of 66 vulnerabilities across its software ecosystem.…
Read More »
2 weeks ago

MICI NetFax Server Flaws Allow Attackers to Execute Remote Code

In a recent security advisory, Rapid7 has disclosed three severe vulnerabilities in MICI Network Co., Ltd’s NetFax Server, affecting all…
Read More »
3 weeks ago

UTG-Q-015 Hackers Launch Massive Brute-Force Attacks on Government Web Servers

The hacker group UTG-Q-015, first identified in December 2024 for mounting attacks on major websites like CSDN, has escalated its…
Read More »
3 weeks ago

Severe vBulletin Flaw Allows Remote Code Execution by Attackers

A newly discovered vulnerability in vBulletin, one of the world’s most popular commercial forum platforms, has highlighted the dangers of…
Read More »
3 weeks ago

Chinese Nexus Hackers Exploit Ivanti Endpoint Manager Mobile Vulnerability

Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager Mobile (EPMM) version 12.5.0.0 and earlier.…
Read More »
3 weeks ago

Zero-Trust Policy Bypass Enables Exploitation of Vulnerabilities and Manipulation of NHI Secrets

A new project has exposed a critical attack vector that exploits protocol vulnerabilities to disrupt DNS infrastructure, manipulate Non-Human Identity…
Read More »
4 weeks ago

CefSharp Enumeration Tool Identifies Critical Security Issues in .NET Desktop Applications

Cybersecurity researchers and red teamers, a newly released tool named CefEnum is shedding light on critical security flaws in .NET-based…
Read More »
4 weeks ago

Versa Concerto 0-Day Flaw Enables Remote Code Execution by Bypassing Authentication

Security researchers have uncovered multiple critical vulnerabilities in Versa Concerto, a widely deployed network security and SD-WAN orchestration platform used…
Read More »