BlackLock's misconfigured leak site exposed internal commands, aiding Resecurity in uncovering 46 ransomware victims.
March 2025 was a high-alert month for cybersecurity teams. Critical CVEs surfaced across widely used technologies, some quiet, others loud, but all carrying real risk. These weren’t just routine ...
A serious vulnerability in the popular WordPress security plugin WP Ghost allows attackers to gain unauthorized website access. The Local File Inclusion ...
Two CVEs now exist for an actively exploited CrushFTP vulnerability and much of the security industry is using the ‘wrong one ...
CISA adds Sitecore flaws CVE-2019-9874 and CVE-2019-9875 to KEV amid active exploitation and agency patch mandates.
A critical authentication bypass flaw in CrushFTP is under active exploitation following a mishandled disclosure process ...
Shadowserver has started seeing exploitation attempts aimed at a CrushFTP vulnerability tracked as CVE-2025-2825 and CVE-2025 ...
The in-the-wild exploitation, as tagged by CISA, follows watchTowr’s public disclosure of the vulnerability, along with a ...
WP Ghost, a popular security plugin, carried a 9.6-severity flaw. It allows threat actors to execute malicious code remotely. The developers released a patch, and users should update now. WP Ghost ...
A critical remote code execution (RCE) vulnerability in Apache Tomcat tracked ... a JSESSIONID cookie pointing to the uploaded session file, forcing Tomcat to deserialize and execute the malicious ...