Warning
CISA warns of increased breach risks following Oracle Cloud leak
On Wednesday, CISA warned of heightened breach risks after the compromise of legacy Oracle Cloud servers earlier this year and highlighted the significant threat to enterprise networks. CISA said, “the nature of the reported activity presents potential risk to organizations and individuals, particularly where credential material may be exposed, reused across separate, unaffiliated systems, or […]
CISA tags SonicWall VPN flaw as actively exploited in attacks
On Wednesday, CISA warned federal agencies to secure their SonicWall Secure Mobile Access (SMA) 100 series appliances against attacks exploiting a high-severity remote code execution vulnerability. Tracked as CVE-2021-20035, this security flaw impacts SMA 200, SMA 210, SMA 400, SMA 410, and SMA 500v (ESX, KVM, AWS, Azure) devices. Successful exploitation can allow remote threat actors […]
MITRE warns that funding for critical CVE program expires today
MITRE Vice President Yosry Barsoum has warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs expires today, which could lead to widespread disruption across the global cybersecurity industry. CVE, the most critical of the two, is maintained by MITRE with funding from the U.S. National Cyber Security Division […]
Microsoft: Exchange 2016 and 2019 reach end of support in six months
Microsoft warned that Exchange 2016 and Exchange 2019 will reach the end of support six months from now, on October 14. The Exchange Server Engineering Team also shared guidance for admins who need to decommission outdated servers until then, cautioning that Exchange 2016 and Exchange 2019 servers will be exposed to attacks since they’ll no […]
Fortinet: Hackers retain access to patched FortiGate VPNs using symlinks
Fortinet warns that threat actors use a post-exploitation technique that helps them maintain read-only access to previously compromised FortiGate VPN devices even after the original attack vector was patched. Earlier this week, Fortinet began sending emails to customers warning that their FortiGate/FortiOS devices were compromised based on telemetry received from FortiGuard devices. These emails were […]
Microsoft: Windows ‘inetpub’ folder created by security fix, don’t delete
Microsoft has now confirmed that an April 2025 Windows security update is creating a new empty “inetpub” folder and warned users not to delete it. This folder is typically used by Microsoft’s Internet Information Services (IIS), a web server platform that can be enabled via the Windows Features dialog to host websites and web apps. […]
Critical auth bypass bug in CrushFTP now exploited in attacks
Attackers are now targeting a critical authentication bypass vulnerability in the CrushFTP file transfer software using exploits based on publicly available proof-of-concept code. The security vulnerability (CVE-2025-2825) was discovered and reported by Outpost24 (which identifies it as CVE-2025-31161), and it allows remote attackers to gain unauthenticated access to devices running unpatched CrushFTP v10 or v11 software. […]
CrushFTP warns users to patch unauthenticated access flaw immediately
CrushFTP warned customers of an unauthenticated HTTP(S) port access vulnerability and urged them to patch their servers immediately. As the company also explained in an email sent to customers on Friday (seen by GeekFeed), the security flaw enables attackers to gain unauthenticated access to unpatched servers if they are exposed on the Internet over HTTP(S). […]
CISA tags NAKIVO backup flaw as actively exploited in attacks
CISA has warned U.S. federal agencies to secure their networks against attacks exploiting a high-severity vulnerability in NAKIVO’s Backup & Replication software. Tracked as CVE-2024-48248, this absolute path traversal flaw can be exploited by unauthenticated attackers to read arbitrary files on vulnerable devices. The US-based backup and ransomware recovery software vendor silently patched the security flaw […]
CISA: Medusa ransomware hit over 300 critical infrastructure orgs
CISA says the Medusa ransomware operation has impacted over 300 organizations in critical infrastructure sectors in the United States until last month. This was revealed in a joint advisory issued today in coordination with the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC). “As of February 2025, Medusa developers and affiliates […]