Vulnerabilities

Threat actors are exploiting a component of CheckPoint’s ZoneAlarm antivirus to bypass Windows security measures. Nima Bagheri, a security researcher in Austin and founder of Venak Security, announced a new Bring Your Own Vulnerable Driver (BYOVD) attack in a report on March 20. Threat actors exploited vulnerabilities in vsdatant.sys, a …

IBM has resolved two critical vulnerabilities in its AIX operating system that could allow command execution. The list of shortcomings, which impact AIX versions 7.2 and 7.3, is below: CVE-2024-56346 (CVSS score: 10.0) – A vulnerability that allows a remote attacker to run any commands through the AIX nimesis NIM …

WhatsApp has patched a zero-click, zero-day vulnerability used to install Paragon’s Graphite spyware following reports from security researchers at the University of Toronto’s Citizen Lab. The company addressed the attack vector late last year “without the need for a client-side fix” and decided not to assign a CVE-ID after “reviewing …

CISA has issued a critical alert about a critical vulnerability in Fortinet’s FortiOS and FortiProxy systems. CVE-2025-24472, an authentication bypass vulnerability, has been added to CISA’s Known Exploited Vulnerabilities catalog. Fortinet FortiOS Authentication Bypass Vulnerability: Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that allows a remote attacker to …

A critical vulnerability, CVE-2024-540385, has been found in HPE Cray XD670 servers using the AMI BMC Redfish API, allowing remote authentication bypass. Administrators must act quickly to prevent the exploitation. According to HPE’s security bulletin, “This vulnerability could be remotely exploited to allow authentication bypass.” An attacker could gain unauthorized …

CVE-2025-24813, a critical remote code execution vulnerability, is actively exploited, enabling attackers to control vulnerable Apache Tomcat servers with a single PUT API request, reports Wallarm. The exploit, shared by a user on a Chinese forum, takes advantage of Tomcat’s default session persistence and its ability to handle partial PUT …

Cybersecurity researchers unveil a critical remote code execution vulnerability (CVE-2025-24016) in Wazuh, a popular open-source SIEM platform. The vulnerability has a CVSS score of 9.9 affects Wazuh versions 4.4.0 to 4.9.0, enabling attackers with API access to run arbitrary Python code on the servers. The flaw is due to unsafe …

Cybersecurity researcher Jeremiah Fowler found and reported a non-password-protected database with over 86,000 records belonging to ESHYFT, a New Jersey-based HealthTech company. ESHYFT operates in 29 states and provides a mobile app platform connecting healthcare facilities with workers like Certified Nursing Assistants (CNAs), Licensed Practical Nurses (LPNs), and Registered Nurses …

Forescout Research- Vedere Labs identified a series of intrusion based on two Fortinet vulnerabilities which began with the exploitation of FortiGate firewall appliance dubbed SuperBlack. Researchers track this between late january and early March. Fortinet disclosed two authentication bypass vulnerabilities: CVE-2024-55591 in January and CVE-2025-24472 in February. When Fortinet first …

GitLab has released versions 17.9.2, 17.8.5, and 17.7.7 for its Community and Enterprise Editions to fix security vulnerabilities, including a critical authentication bypass issue. Critical Authentication Bypass Vulnerabilities: Two critical vulnerabilities, CVE-2025-25291 and CVE-2025-25292, are found in the ruby-saml library used by GitLab for SAML single sign-on (SSO) authentication. The …