Vulnerabilities

GreyNoise found attempts to exploit CVE-2023-28771, a vulnerability in Zyxel’s IKE affecting UDP port 500. The attack centers around CVE-2023-28771, a high-severity remote code execution vulnerability (CVSS 9.8) affecting Zyxel Internet Key Exchange (IKE) packet decoders over UDP port 500. Exploitation attempts against CVE-2023-28771 were minimal throughout recent weeks. On …

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently included two high-risk vulnerabilities in its Known Exploited Vulnerabilities (KEV) Catalog, highlighting confirmed cases of these flaws being exploited in real-world scenarios. The catalog now features a zero-click iOS vulnerability exploited by mercenary spyware, as well as a command injection …

HashiCorp has revealed a critical vulnerability in its Nomad tool that may let attackers gain higher privileges by misusing the Access Control List (ACL) policy lookup. Identified as CVE-2025-4922, this vulnerability has a CVSS score of 8.1, indicating significant risk for organizations using affected Nomad versions. “Nomad prefix-based ACL policy …

Serious security vulnerabilities in Trend Micro Apex One could allow attackers to inject malicious code and elevate their privileges within the system. The company issued emergency patches on June 9, 2025, for five vulnerabilities (CVE-2025-49154 to CVE-2025-49158) rated medium to high on the CVSS 3.0 scale. CVE-2025-49154: Insecure Access Control …

Aim Labs discovered a zero-click AI vulnerability named “EchoLeak” in Microsoft 365 Copilot and reported several ways to exploit it to Microsoft’s MSRC team. The new attack method called “LLM Scope Violation” has been identified, which could also impact other RAG-based chatbots and AI agents. This finding marks a significant …

Microsoft’s June Patch Tuesday update has arrived, addressing 66 vulnerabilities across its product line. One of these flaws was actively being exploited, making this update crucial for both businesses and individual users. One Zero-Day Actively Exploited: The important fix addresses CVE-2025-33053, a vulnerability in Windows WebDAV that could let attackers …

More than 84,000 Roundcube webmail installations are at risk due to CVE-2025-49113, a severe remote code execution (RCE) vulnerability that comes with an available public exploit. The flaw in Roundcube (versions 1.1.0 to 1.6.10) was discovered by Kirill Firsov and was patched on June 1, 2025. The bug stems from …

The Security Intelligence and Response Team (SIRT) at Akamai has found that multiple Mirai-based botnets are exploiting CVE-2025-24016, a critical RCE vulnerability in Wazuh servers. This flaw, which has a CVSS score of 9.9, allows remote attackers to execute arbitrary Python code through unsanitized JSON inputs in the Wazuh Distributed …

On June 5, 2025, CISA released seven advisories regarding Industrial Control Systems (ICS) that highlight current security issues, vulnerabilities, and exploits. ICSA-25-155-01 CyberData 011209 SIP Emergency Intercom ICSA-25-155-02 Hitachi Energy Relion 670, 650 series and SAM600-IO Product ICSA-21-049-02 Mitsubishi Electric FA Engineering Software Products (Update H) ICSA-25-133-02 Hitachi Energy Relion …

Cisco fixed a critical vulnerability in the Identity Services Engine (ISE) that could let unauthorized attackers carry out harmful actions. The vulnerability, CVE-2025-20286 (CVSS score 9.9), affects Cisco ISE on AWS, Microsoft Azure, and Oracle Cloud. It allows unauthenticated remote attackers to access sensitive data, perform basic admin tasks, modify …