720 matches found
November Linux Patch Wednesday
NovemberLinux Patch Wednesday. In November, Linux vendors began fixing 516 vulnerabilities, one and a half times fewer than in October. Of these, 232 are in the Linux Kernel. One vulnerability is exploited in the wild: MemCor - Chromium CVE-2025-13223. Added to CISA KEV on November 19. For 64 mor...
Exploit for CVE-2025-58034
🔒 🚨 CVE-2025-58034: FortiWeb OS Command Injection Zero-Day 🔥...
Chromium: CVE-2025-13223 Type Confusion in V8
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2025-13223 exists in the wild...
Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability
Google on Monday released security updates for its Chrome browser to address two security flaws, including one that has come under active exploitation in the wild. The vulnerability in question is CVE-2025-13223 CVSS score: 8.8, a type confusion vulnerability in the V8 JavaScript and WebAssembly...
⚡ Weekly Recap: Fortinet Exploited, China's AI Hacks, PhaaS Empire Falls & More
This week showed just how fast things can go wrong when no one's watching. Some attacks were silent and sneaky. Others used tools we trust every day — like AI, VPNs, or app stores — to cause damage without setting off alarms. It's not just about hacking anymore. Criminals are building systems to...
Now-Patched Fortinet FortiWeb Flaw Exploited in Attacks to Create Admin Accounts
Cybersecurity researchers are sounding the alert about an authentication bypass vulnerability in Fortinet FortiWeb Web Application Firewall WAF that could allow an attacker to take over admin accounts and completely compromise a device. "The watchTowr team is seeing active, indiscriminate...
CVE-2025-64446: Critical Vulnerability in Fortinet FortiWeb Exploited in the Wild
Overview On October 6, 2025, the cyber deception company Defused published a proof-of-concept exploit on social media that was captured by one of their Fortinet FortiWeb Manager honeypots. FortiWeb is a Web Application Firewall WAF product that is designed to detect and block malicious traffic to...
Malicious code in moki-nik-hifdagujbagaifah (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fb462c66586c367e7fe5639a99621f4a69a8df103a5401bc440e572579a809d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990787)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990787 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: Fix wild-memory-access in registersynthevent In registersynthevent, if...
EUVD-2025-100232
Malicious code in wildgullz3n npm...
EUVD-2025-87779
Malicious code in wildswanz3n npm...
EUVD-2025-87778
Malicious code in wildwildfowlz3n npm...
EUVD-2025-80038
Malicious code in wildviper0xrequest npm...
EUVD-2025-72917
Malicious code in wildbadgerz3n npm...
EUVD-2025-61755
Malicious code in wildsolez3n npm...
EUVD-2025-51062
Malicious code in wild-teal-cod npm...
EUVD-2025-51065
Malicious code in wild-fuchsia-marlin npm...
EUVD-2025-51066
Malicious code in wild-blush-dingo npm...
EUVD-2025-51064
Malicious code in wild-fuchsia-pheasant npm...
EUVD-2025-51063
Malicious code in wild-gold-chipmunk npm...