Friday , July 10 2026

Alert

CIRT alerts CII, Energy Sectors, Banks risk for a large-scale cyberattack

CIRT

BGD e-GOV CIRT alert for a potential risk of cyber attack on Thursday (24.07.2025). In its situational alert, CIRT said, based on current threat intelligence, there is a potential risk of a large-scale cyberattack targeting Bangladesh’s ICT infrastructure in the coming days. CIRT mentioned that the cyber attack focuses on …

Read More »

CVE-2025-31700 & CVE-2025-31701
Buffer Overflow Flaws in Dahua IP Cameras Expose Devices to RCE

Dahua

Dahua Technology released a security advisory about two serious vulnerabilities in its IP cameras, after a report from the Bitdefender IoT Research Team. The vulnerabilities, CVE-2025-31700 and CVE-2025-31701, each have a CVSS score of 8.1 and are due to buffer overflow issues that can let remote attackers crash devices or …

Read More »

(CVE-2025-6704, CVE-2025-7624)
Urgent Sophos Firewall Update: Two Critical RCE Flaws Patched

Sophos has released a security advisory addressing five vulnerabilities in Sophos Firewall, two of which are critical and could enable remote attackers to take control of affected devices in specific situations. The company confirms that fixes have been automatically deployed through hotfixes, assuming the auto-installation setting is default.   Remediation …

Read More »

Microsoft issues urgent patches for SharePoint RCE vulnerabilities

SharePoint

Microsoft issued urgent updates for two serious SharePoint security holes, identified as CVE-2025-53770 and CVE-2025-53771, used in attacks known as “ToolShell.” Both vulnerabilities exclusively affect on-premises SharePoint Servers, allowing threat actors to exploit them for unauthenticated, remote code execution. Microsoft has announced that the SharePoint vulnerability CVE-2025-53770, with a CVSS …

Read More »

HPE alerts of hardcoded passwords in Aruba access points

HPE

Hewlett-Packard Enterprise (HPE) warns that Aruba Instant On Access Points have hardcoded credentials, enabling attackers to skip normal authentication and reach the web interface. Aruba Instant On Access Points are small, easy-to-use Wi-Fi devices for small to medium businesses. They provide advanced features like guest networks and traffic segmentation, and …

Read More »

Singapore urgently engage military force to tackle ‘serious’ cyberattack

cyberattack

Defence Minister Chan Chun Sing said these select units will work with the Cyber Security Agency (CSA) in a united government response to the threat, local media reported. Chan described the cyberattack as “one example of the emerging threats” that the military has to handle, the reports said. There have been …

Read More »

Oracle Patched 200 Vulns With July 2025 CPU

Oracle’s July 2025 Critical Patch Update includes 309 new security patches, with 127 addressing remotely exploitable vulnerabilities. SecurityWeek found about 200 unique CVEs in Oracle’s July 2025 CPU, with nine patches for critical flaws. In October, Oracle Communications issued 84 security patches, the highest this month, similar to April. Out …

Read More »

CISA added Fortinet FortiWeb vul to KEV catalog

Fortinet FortiWeb

U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a crucial vulnerability in Fortinet FortiWeb in its Known Exploited Vulnerabilities (KEV) catalog, verifying that the SQL injection flaw is being actively exploited in cyberattacks across the globe. The vulnerability, tracked as CVE-2025-25257, affects Fortinet’s FortiWeb web application firewall and carries …

Read More »

Node.js Flaws Expose Windows Apps to Path Traversal & HashDoS Attacks

Node.js

The OpenJS Foundation has updated Node.js 24.x, 22.x, and 20.x to fix two serious vulnerabilities—CVE-2025-27210 and CVE-2025-27209—that could endanger Windows applications and web services using JavaScript’s V8 engine. These issues, involving path traversal bypass and hash collision denial-of-service (HashDoS), impact millions of backend and full-stack applications globally. CVE-2025-27210: Path Traversal …

Read More »