GreyNoise found attempts to exploit CVE-2023-28771, a vulnerability in Zyxel’s IKE affecting UDP port 500. The attack centers around CVE-2023-28771, a high-severity remote code execution vulnerability (CVSS 9.8) affecting Zyxel Internet Key Exchange (IKE) packet decoders over UDP port 500. Exploitation attempts against CVE-2023-28771 were minimal throughout recent weeks. On …
Read More »ALERT (CVE: 2023-28771)
CISA Flags Active Exploits in Apple iOS and TP-Link Routers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently included two high-risk vulnerabilities in its Known Exploited Vulnerabilities (KEV) Catalog, highlighting confirmed cases of these flaws being exploited in real-world scenarios. The catalog now features a zero-click iOS vulnerability exploited by mercenary spyware, as well as a command injection …
Read More »
Alert
Trend Micro Apex One Flaw Allow Attackers to Inject Malicious Code
Serious security vulnerabilities in Trend Micro Apex One could allow attackers to inject malicious code and elevate their privileges within the system. The company issued emergency patches on June 9, 2025, for five vulnerabilities (CVE-2025-49154 to CVE-2025-49158) rated medium to high on the CVSS 3.0 scale. CVE-2025-49154: Insecure Access Control …
Read More »Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Action
Aim Labs discovered a zero-click AI vulnerability named “EchoLeak” in Microsoft 365 Copilot and reported several ways to exploit it to Microsoft’s MSRC team. The new attack method called “LLM Scope Violation” has been identified, which could also impact other RAG-based chatbots and AI agents. This finding marks a significant …
Read More »Adobe Releases Patch Fixing 254 Vulnerabilities With High-Severity Security Gaps
On Tuesday, Adobe released security updates for 254 vulnerabilities in its software, mainly affecting Experience Manager (AEM). There are 254 flaws, 225 of which are in AEM, affecting AEM Cloud Service and earlier versions up to 6.5.22. These have been addressed in AEM Cloud Service Release 2025.5 and version 6.5.23. …
Read More »
Alert
40,000 + live internet cameras exposed globally !
A new report from Bitsight reveals that over 40,000 internet-connected security cameras around the world are exposed, broadcasting live footage without user consent or basic security. “Most times, all that an attacker needs to spy on homes or even large organizations is just a web browser and the right IP …
Read More »Microsoft patch Tuesday fix exploited zero-day and 65 vuls patched
Microsoft’s June Patch Tuesday update has arrived, addressing 66 vulnerabilities across its product line. One of these flaws was actively being exploited, making this update crucial for both businesses and individual users. One Zero-Day Actively Exploited: The important fix addresses CVE-2025-33053, a vulnerability in Windows WebDAV that could let attackers …
Read More »84,000+ Roundcube instances vulnerable to actively exploited flaw
More than 84,000 Roundcube webmail installations are at risk due to CVE-2025-49113, a severe remote code execution (RCE) vulnerability that comes with an available public exploit. The flaw in Roundcube (versions 1.1.0 to 1.6.10) was discovered by Kirill Firsov and was patched on June 1, 2025. The bug stems from …
Read More »
CVE-2025-24016
Critical Wazuh RCE Actively Exploited by Mirai Botnets
The Security Intelligence and Response Team (SIRT) at Akamai has found that multiple Mirai-based botnets are exploiting CVE-2025-24016, a critical RCE vulnerability in Wazuh servers. This flaw, which has a CVSS score of 9.9, allows remote attackers to execute arbitrary Python code through unsanitized JSON inputs in the Wazuh Distributed …
Read More »CISA Issues Seven Advisories for Industrial Control Systems (ICS)
On June 5, 2025, CISA released seven advisories regarding Industrial Control Systems (ICS) that highlight current security issues, vulnerabilities, and exploits. ICSA-25-155-01 CyberData 011209 SIP Emergency Intercom ICSA-25-155-02 Hitachi Energy Relion 670, 650 series and SAM600-IO Product ICSA-21-049-02 Mitsubishi Electric FA Engineering Software Products (Update H) ICSA-25-133-02 Hitachi Energy Relion …
Read More »