SonicWall has been investigating reports about a zero-day potentially being exploited in ransomware attacks, but found no evidence of a new vulnerability.
The post SonicWall Says Recent Attacks Don’t Involve Zero-Day Vulnerability appeared first on SecurityWeek.
Trend Micro has rushed to fix two Apex One zero-days that may have been exploited by Chinese threat actors.
The post Trend Micro Patches Apex One Vulnerabilities Exploited in Wild appeared first on SecurityWeek.
Android’s light August 2025 security update resolves an Adreno GPU vulnerability confirmed as exploited in June.
The post Android’s August 2025 Update Patches Exploited Qualcomm Vulnerability appeared first on SecurityWeek.
Tracked as CVE-2025-6558, the flaw was found in Chrome’s ANGLE and GPU components and was flagged as exploited by Google TAG.
The post Apple Patches Safari Vulnerability Flagged as Exploited Against Chrome appeared first on SecurityWeek.
Threat actors are exploiting a two-year-old vulnerability in PaperCut that allows them to execute arbitrary code remotely.
The post Organizations Warned of Exploited PaperCut Flaw appeared first on SecurityWeek.
The Post SMTP email delivery WordPress plugin is affected by a critical vulnerability and half of websites using it remain unpatched.
The post Flaw Allowing Website Takeover Found in WordPress Plugin With 400k Installations appeared first on SecurityWeek.
More information has emerged on the ToolShell SharePoint zero-day attacks, including impact, victims, and threat actors.
The post ToolShell Attacks Hit 400+ SharePoint Servers, US Government Victims Named appeared first on SecurityWeek.
Cisco says it is aware of attempted exploitation of critical ISE vulnerabilities leading to unauthenticated remote code execution.
The post Hackers Start Exploiting Critical Cisco ISE Vulnerabilities appeared first on SecurityWeek.
CISA has added two recent SysAid vulnerabilities, CVE-2025-2776 and CVE-2025-2775, to its KEV catalog.
The post CISA Warns of SysAid Vulnerability Exploitation appeared first on SecurityWeek.
Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell zero-days.
The post Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch appeared first on SecurityWeek.
