Categoria: exploited

Organizations Warned of Exploited Adobe AEM Forms Vulnerability

A public PoC existed when Adobe patched the Experience Manager Forms (AEM Forms) bug in early August.

The post Organizations Warned of Exploited Adobe AEM Forms Vulnerability appeared first on SecurityWeek.

Cisco Routers Hacked for Rootkit Deployment

Threat actors are exploiting CVE-2025-20352, a recent Cisco zero-day, to deploy a rootkit on older networking devices.

The post Cisco Routers Hacked for Rootkit Deployment appeared first on SecurityWeek.

Exploitation of Oracle EBS Zero-Day Started 2 Months Before Patching

exploitation-of-oracle-ebs-zero-day-started-2-months-before-patching

Hundreds of internet-exposed Oracle E-Business Suite instances may still be vulnerable to attacks.

The post Exploitation of Oracle EBS Zero-Day Started 2 Months Before Patching appeared first on SecurityWeek.

Fortra GoAnywhere MFT Zero-Day Exploited in Ransomware Attacks

fortra-goanywhere-mft-zero-day-exploited-in-ransomware-attacks

The Medusa ransomware operators exploited the GoAnywhere MFT vulnerability one week before patches were released.

The post Fortra GoAnywhere MFT Zero-Day Exploited in Ransomware Attacks appeared first on SecurityWeek.

Oracle E-Business Suite Zero-Day Exploited in Cl0p Attacks

oracle-e-business-suite-zero-day-exploited-in-cl0p-attacks

Oracle has informed customers that it has patched a critical remote code execution vulnerability tracked as CVE-2025-61882.

The post Oracle E-Business Suite Zero-Day Exploited in Cl0p Attacks appeared first on SecurityWeek.

Organizations Warned of Exploited Meteobridge Vulnerability

organizations-warned-of-exploited-meteobridge-vulnerability

Patched in mid-May, the security defect allows remote unauthenticated attackers to execute arbitrary commands with root privileges.

The post Organizations Warned of Exploited Meteobridge Vulnerability appeared first on SecurityWeek.

Broadcom Fails to Disclose Zero-Day Exploitation of VMware Vulnerability

broadcom-fails-to-disclose-zero-day-exploitation-of-vmware-vulnerability

Impacting VMware Aria Operations and VMware Tools, the flaw can be exploited to elevate privileges on the VM.

The post Broadcom Fails to Disclose Zero-Day Exploitation of VMware Vulnerability appeared first on SecurityWeek.

Organizations Warned of Exploited Sudo Vulnerability

organizations-warned-of-exploited-sudo-vulnerability

The vulnerability could allow local, low-privileged attackers to execute commands with root privileges, leading to full system compromise.

The post Organizations Warned of Exploited Sudo Vulnerability appeared first on SecurityWeek.

Recent Fortra GoAnywhere MFT Vulnerability Exploited as Zero-Day

recent-fortra-goanywhere-mft-vulnerability-exploited-as-zero-day

Eight days before patches, a threat actor exploited CVE-2025-10035 as a zero-day to create a backdoor admin account.

The post Recent Fortra GoAnywhere MFT Vulnerability Exploited as Zero-Day appeared first on SecurityWeek.

Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks

cisco-firewall-zero-days-exploited-in-china-linked-arcanedoor-attacks

Leading to remote code execution and privilege escalation, the flaws were exploited on Cisco ASA 5500-X series devices that lack secure boot.

The post Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks appeared first on SecurityWeek.