bypass
New Secure Boot flaw lets attackers install bootkit malware, patch now
Security researchers have disclosed a new Secure Boot bypass tracked as CVE-2025-3052 that can be used to turn off security on PCs and servers and install bootkit malware. The flaw affects nearly every system that trusts Microsoft’s “UEFI CA 2011” certificate, which is pretty much all hardware that supports Secure Boot. Binarly researcher Alex Matrosov […]
Ivanti fixes EPMM zero-days chained in code execution attacks
Ivanti warned customers today to patch their Ivanti Endpoint Manager Mobile (EPMM) software against two security vulnerabilities chained in attacks to gain remote code execution. “Ivanti has released updates for Endpoint Manager Mobile (EPMM) which addresses one medium and one high severity vulnerability,” the company said. “When chained together, successful exploitation could lead to unauthenticated remote […]
Ivanti warns of critical Neurons for ITSM auth bypass flaw
Ivanti has released security updates for its Neurons for ITSM IT service management solution that mitigate a critical authentication bypass vulnerability. Tracked as CVE-2025-22462, the security flaw can let unauthenticated attackers gain administrative access to unpatched systems in low-complexity attacks, depending on system configuration. As the company highlighted in a security advisory released today, organizations […]
Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts
Russian threat actors have been abusing legitimate OAuth 2.0 authentication workflows to hijack Microsoft 365 accounts of employees of organizations related to Ukraine and human rights. The adversary is impersonating officials from European countries and contact targets through WhatsApp and Signal messaging platforms. The purpose is to convince potential victims to provide Microsoft authorization codes that […]
Critical Cisco ISE bug can let attackers run commands as root
Cisco has released patches to fix two critical vulnerabilities in its Identity Services Engine (ISE) security policy management platform. Enterprise administrators use Cisco ISE as an identity and access management (IAM) solution that combines authentication, authorization, and accounting into a single appliance. The two security flaws (CVE-2025-20124 and CVE-2025-20125) can be exploited by authenticated remote […]
Apache fixes remote code execution bypass in Tomcat web server
Apache has released a security update that addresses an important vulnerability in Tomcat web server that could lead to an attacker achieving remote code execution. Apache Tomcat is an open-source web server and servlet container widely used to deploy and run Java-based web applications. It provides a runtime environment for Java Servlets, JavaServer Pages (JSP), and […]
QR codes bypass browser isolation for malicious C2 communication
Mandiant has identified a novel method to bypass browser isolation technology and achieve command-and-control operations through QR codes. Browser isolation is an increasingly popular security technology that routes all local web browser requests through remote web browsers hosted in a cloud environment or virtual machines. Any scripts or content on the visited web page is executed […]
VMware fixes bad patch for critical vCenter Server RCE flaw
VMware has released another security update for CVE-2024-38812, a critical VMware vCenter Server remote code execution vulnerability that was not correctly fixed in the first patch from September 2024. The flaw is rated critical (CVSS v3.1 score: 9.8) and stems from a heap overflow weakness in vCenter’s DCE/RPC protocol implementation, impacting the vCenter Server and […]
Microsoft disables BitLocker security fix, advises manual mitigation
Microsoft has disabled a fix for a BitLocker security feature bypass vulnerability due to firmware incompatibility issues that were causing patched Windows devices to go into BitLocker recovery mode. Tracked as CVE-2024-38058, this important severity security flaw can let attackers bypass the BitLocker Device Encryption feature and access encrypted data with physical access to the targeted […]
Windows Smart App Control, SmartScreen bypass exploited since 2018
A design flaw in Windows Smart App Control and SmartScreen that enables attackers to launch programs without triggering security warnings has been under exploitation since at least 2018. Smart App Control is a reputation-based security feature that uses Microsoft’s app intelligence services for safety predictions and Windows’ code integrity features to identify and block untrusted (unsigned) […]