2025 Talos Year in Review: Speed, scale, and staying power

The 2025 Talos Year in Review is now available to view online. The pace and scale of adversary activity in 2025 placed sustained pressure on security teams across industries. As with each annual report, our goal at Talos is to provide the security community with a clear analysis of the tactics,...

CVE-2024-10846

creationtimestamp| type| source ---|---|--- 2025-01-23 15:30:12+00:00| seen| https://infosec.exchange/users/cve/statuses/113878382100891566 2025-01-23 15:34:55+00:00| seen| https://infosec.exchange/users/cve/statuses/113878400720241278 2025-01-23 16:15:57+00:00| seen|...

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2021-26086link is external Atlassian Jira Server and Data Center Path Traversal Vulnerability CVE-2014-2120link is external Cisco Adaptive Security Appliance ASA...

PT-2024-29423 · Undefined · Undefined

CVE-2024-41493 dcfuzzer-realbugs The detailed information of new real bugs found by dcfuzzer. All of the 5 new real bugs have been reported to the developers and assigned new CVEs from CVE-2024-41493 to CVE-2024-4... https://t.co/Bgveu8mK8J...

Security update provided in Brocade SANnav 2.3.0a and 2.3.1

Dear Brocade Customer: This Advisory aims to inform you of the security updates provided in Brocade SANnav 2.3.0a and 2.3.1. Please review the recently posted security advisories listed here: Newly created Brocade CVEs https://support.broadcom.com/external/content/SecurityAdvisories/0/23236...

Battling Cybersecurity Risk: How to Start Somewhere, Right Now

Between a series of recent high-profile cybersecurity incidents and the heightened geopolitical tensions, there's rarely been a more dangerous cybersecurity environment. It's a danger that affects every organization – automated attack campaigns don't discriminate between targets. The situation is...

How Often Should You Scan Websites and Web Applications for Vulnerabilities?

Web Applications and Websites Exist in a Dynamic Environment There is no questioning the fact that the web application security landscape is in a constant state of flux. The pace of change is not only rapid but resembles a constant game of cat and mouse between hackers and security professionals...

Study Examines Security and Privacy in Computer-Related Medical Device Recalls

Nearly one-third of all recalled medical devices contain computers, and half of those are recalled because of computer-related problems, according to a recent study. ‘Security and Privacy Qualities of Medical Devices: An Analysis of FDA Postmarket Surveillance’ was funded by the Department of...

Web Server Directory Traversal Arbitrary File Access

It appears possible to read arbitrary files on the remote host outside the web server's document directory using a specially crafted URL. An unauthenticated attacker may be able to exploit this issue to access sensitive information to aide in subsequent attacks. Note that this plugin is not limit...