vulnerability
TARmageddon flaw in abandoned Rust library enables RCE attacks
A high-severity vulnerability in the now-abandoned async-tar Rust library and its forks can be exploited to gain remote code execution on systems running unpatched software. Tracked as CVE-2025-62518, this logic flaw results from a desynchronization issue that allows unauthenticated attackers to inject additional archive entries during TAR file extraction. This occurs specifically when processing nested TAR […]
Sharepoint ToolShell attacks targeted orgs across four continents
Hackers believed to be associated with China have leveraged the ToolShell vulnerability (CVE-2025-53770) in Microsoft SharePoint in attacks targeting government agencies, universities, telecommunication service providers, and finance organizations. The security flaw affects on-premise SharePoint servers and was disclosed as an actively exploited zero-day on July 20, after multiple hacking groups tied to China leveraged it in widespread […]
TP-Link warns of critical command injection flaw in Omada gateways
TP-Link is warning of two command injection vulnerabilities in Omada gateway devices that could be exploited to execute arbitrary OS commands. Omada gateways are marketed as full-stack solutions (router, firewall, VPN gateway) for small to medium businesses, and are constantly increasing in popularity. Although the two security issues lead to the same result when triggered, only one […]
CISA confirms hackers exploited Oracle E-Business Suite SSRF flaw
CISA has confirmed that an Oracle E-Business Suite flaw tracked as CVE-2025-61884 is being exploited in attacks, adding it to its Known Exploited Vulnerabilities catalog. GeekFeed previously reported that CVE-2025-61884 is an unauthenticated server-side request forgery (SSRF) vulnerability in the Oracle Configurator runtime component, which was linked to a leaked exploit used in July attacks. The US cybersecurity […]
Cursor, Windsurf IDEs riddled with 94+ n-day Chromium vulnerabilities
The latest releases of Cursor and Windsurf integrated development environments are vulnerable to more than 94 known and patched security issues in the Chromium browser and the V8 JavaScript engine. An estimated 1.8 million developers, the userbase for the two IDEs, are exposed to the risks. Ox Security researchers explain that both development environments are built on old software […]
RondoDox botnet targets 56 n-day flaws in worldwide attacks
A new large-scale botnet called RondoDox is targeting 56 vulnerabilities in more than 30 distinct devices, including flaws first disclosed during Pwn2Own hacking competitions. The attacker focuses on a wide range of exposed devices, including DVRs, NVRs, CCTV systems, and web servers and have been active since June. The RondoDox botnet leverages what Trend Micro researchers call an […]
Hackers exploit auth bypass in Service Finder WordPress theme
Threat actors are actively exploiting a critical vulnerability in the Service Finder WordPress theme that allows them to bypass authentication and log in as administrators. Administrator privileges in WordPress grant full control over content and settings, permission to create accounts, upload PHP files, and export databases. WordPress plugin security firm Wordfence recorded more than 13,800 exploitation atempts since August 1st. Service […]
Redis warns of critical flaw impacting thousands of instances
The Redis security team has released patches for a maximum severity vulnerability that could allow attackers to gain remote code execution on thousands of vulnerable instances. Redis (short for Remote Dictionary Server) is an open-source data structure store used in approximately 75% of cloud environments, functioning like a database, cache, and message broker, and storing […]
Steam and Microsoft warn of Unity flaw exposing gamers to attacks
A code execution vulnerability in the Unity game engine could be exploited to achieve code execution on Android and privilege escalation on Windows. Unity is a cross-platform game engine and development platform that provides rendering, physics, animation, and scripting tools for developers to create titles for Windows, macOS, Android, iOS, consoles, and the web. A […]
Massive surge in scans targeting Palo Alto Networks login portals
A spike in suspicious scans targeting Palo Alto Networks login portals indicates clear reconnaissance efforts from suspicious IP addresses, researchers warn. Cybersecurity intelligence company GreyNoise reports a 500% increase in IP addresses focused on Palo Alto Networks GlobalProtect and PAN-OS profiles. The activity culminated on October 3 with more than 1,285 unique IPs engaged in the […]