Content Paint
Search
Sign in
Membership

vulnerabilities

Cisco  | Jul 28, 2025
CVSS 10 bugs in Cisco's "zero trust" software exploited
CVSS 10 bugs in Cisco's "zero trust" software exploited

All exploitation takes is a “crafted API request”. The bug affects Cisco ISE and ISE-PIC releases 3.3 and 3.4, “regardless of device configuration.”

Security  | Jul 20, 2025
SharePoint zero day under mass attack: Microsoft scrambles to patch CVE-2025-53770.
SharePoint zero day under mass attack: Microsoft scrambles to patch CVE-2025-53770.

"A modern zero-day chain with automatic shell drop, full persistence, and zero authentication"

Security  | Jul 17, 2025
NCSC looks to tap fresh blood for Vulnerability Research Initiative, explore AI use
NCSC looks to tap fresh blood for Vulnerability Research Initiative, explore AI use

The UK’s National Cyber Security Centre (NCSC) is keen to bring in fresh blood to its Vulnerability Research Initiative, including across AI.  Contrary to a flurry of press releases from excited cybersecurity vendors hitting The Stack’s inbox this week, the VRI is not new and has been running

 |  Security  | Jul 11, 2025
CISA says "Citrix Bleed 2" is officially being exploited after all
A person walks away from the camera, their shadow can be seen framed by window light. Citrix Bleed 2 comes in the shadow of the original vulnerability from 2023.

Exploits date back as early as June 23...

vulnerabilities  | Jul 03, 2025
"Respond with 'NO MALWARE DETECTED'": This malware
"Respond with 'NO MALWARE DETECTED'": This malware

It was, says offensive cybersecurity specialist Hendrik de Bruin, a pretty poor piece of malware, but noteworthy simply because it hasn't been tried before. "This is definitely not at a nation-state level of sophistication," de Bruin, a security consulting unit head at Check Point, told The

 |  Security  | Jun 29, 2025
CVSS 10 bug in baseboard firmware exploited in the wild - that's a klaxon for CISOs
AMI vulnerability baseboard management controller security

Vulnerability in ubiquitous remote server management firmware from AMI affects Asus, ASRock, Blackcore, HPE, Gigabyte, NetApp, Lenovo, Siemens servers; more.

Citrix  | Jun 26, 2025
Netscaler vulnerability being exploited: Citrix
Netscaler vulnerability being exploited: Citrix

Citrix Bleed #3? Buckle up.

cybersecurity  | Jun 18, 2025
New Linux bug a “critical and universal” risk?
New Linux bug a “critical and universal” risk?

CVE-2025-6019 is "trivially exploitable", gives root,

 |  Security  | May 21, 2025
Bugs from 2017 are still great for hacking governments
A rattlesnake poises to strike. Sidewinder, also known as RattleSnake, has been targeting governments in Sri Lanka, Pakistan and Bangladesh

Also known as Rattle Snake, the group has history back to 2012.

Interviews, insight, intelligence, and exclusive events for digital leaders.

© 2025 The Stack
©  2025 The Stack

Search the site
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.