The critical zero-day is tracked as CVE-2025-20393 and it impacts Secure Email Gateway and Secure Email and Web Manager appliances.
The post China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear appeared first on SecurityWeek.
In-the-Wild Exploitation of Fresh Fortinet Flaws Begins
Threat actors are exploiting the two critical authentication bypass vulnerabilities against FortiGate appliances.
The post In-the-Wild Exploitation of Fresh Fortinet Flaws Begins appeared first on SecurityWeek.
Google Sees 5 Chinese Groups Exploiting React2Shell for Malware Delivery
Google has also mentioned seeing React2Shell attacks conducted by Iranian threat actors.
The post Google Sees 5 Chinese Groups Exploiting React2Shell for Malware Delivery appeared first on SecurityWeek.
Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw
Apple has released macOS and iOS updates to patch two WebKit zero-days exploited in an “extremely sophisticated” attack.
The post Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw appeared first on SecurityWeek.
Gladinet CentreStack Flaw Exploited to Hack Organizations
Threat actors have hacked at least nine organizations by exploiting the recently patched Gladinet CentreStack flaw.
The post Gladinet CentreStack Flaw Exploited to Hack Organizations appeared first on SecurityWeek.
Recent GeoServer Vulnerability Exploited in Attacks
Because user input is not sufficiently sanitized, attackers could exploit the flaw to define external entities within an XML request.
The post Recent GeoServer Vulnerability Exploited in Attacks appeared first on SecurityWeek.
Unpatched Gogs Zero-Day Exploited for Months
The exploited flaw allows attackers to overwrite files outside the repository, leading to remote code execution.
The post Unpatched Gogs Zero-Day Exploited for Months appeared first on SecurityWeek.
Google Patches Mysterious Chrome Zero-Day Exploited in the Wild
The Chrome zero-day does not have a CVE and it’s unclear who reported it and which browser component it affects.
The post Google Patches Mysterious Chrome Zero-Day Exploited in the Wild appeared first on SecurityWeek.
Exploitation of React2Shell Surges
An increasing number of threat actors have been attempting to exploit the React vulnerability CVE-2025-55182 in their attacks.
The post Exploitation of React2Shell Surges appeared first on SecurityWeek.
Chinese Hackers Exploiting React2Shell Vulnerability
AWS has seen multiple China-linked threat groups attempting to exploit the React vulnerability CVE-2025-55182.
The post Chinese Hackers Exploiting React2Shell Vulnerability appeared first on SecurityWeek.
