Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

Dingtian DT-R002 | CISA

by CISA
September 25, 2025
Security News, Assessments & Alerts
3 min read

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Dingtian Equipment: DT-R002 Vulnerabilities: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to retrieve…

CISA Issues Emergency Directive Requiring Federal Agencies to Identify and Mitigate Cisco Zero-Day Vulnerabilities

by CISA
September 25, 2025
Security News, Assessments & Alerts
2 min read

WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive 25-03 in response to an advanced threat actor targeting Cisco Adaptive Security Appliances (ASA) via web services. This is the second emergency…

CTEM’s Core: Prioritization and Validation

Despite a coordinated investment of time, effort, planning, and resources, even the most up-to-date cybersecurity systems continue to fail. Every day. Why? It’s not because security teams can’t see enough. Quite the contrary. Every security…

Rootkit Patch, Federal Breach, OnePlus SMS Leak, TikTok Scandal & More

Sep 25, 2025Ravie LakshmananCybersecurity / Hacking News Welcome to this week’s Threatsday Bulletin—your Thursday check-in on the latest twists and turns in cybersecurity and hacking. The digital threat landscape never stands still. One week it’s…

Tech Overtakes Gaming as Top DDoS Attack Target, New Gcore Radar Report Finds

The latest Gcore Radar report analyzing attack data from Q1–Q2 2025, reveals a 41% year-on-year increase in total attack volume. The largest attack peaked at 2.2 Tbps, surpassing the 2 Tbps record in late 2024.…

Malicious Rust Crates Steal Solana and Ethereum Keys — 8,424 Downloads Confirmed

Sep 25, 2025Ravie LakshmananSoftware Security / Malware Cybersecurity researchers have discovered two malicious Rust crates impersonating a legitimate library called fast_log to steal Solana and Ethereum wallet keys from source code. The crates, named faster_log…

Cisco Warns of Actively Exploited SNMP Vulnerability Allowing RCE or DoS in IOS Software

Sep 25, 2025Ravie LakshmananVulnerability / Network Security Cisco has warned of a high-severity security flaw in IOS Software and IOS XE Software that could allow a remote attacker to execute arbitrary code or trigger a…

Chinese Hackers RedNovember Target Global Governments Using Pantegana and Cobalt Strike

Sep 24, 2025Ravie LakshmananVulnerability / Network Security A suspected cyber espionage activity cluster that was previously found targeting global government and private sector organizations spanning Africa, Asia, North America, South America, and Oceania has been…

UNC5221 Uses BRICKSTORM Backdoor to Infiltrate U.S. Legal and Technology Sectors

Companies in the legal services, software-as-a-service (SaaS) providers, Business Process Outsourcers (BPOs), and technology sectors in the U.S. have been targeted by a suspected China-nexus cyber espionage group to deliver a known backdoor referred to…

Two Critical Flaws Uncovered in Wondershare RepairIt Exposing User Data and AI Models

Cybersecurity researchers have disclosed two security flaws in Wondershare RepairIt that exposed private user data and potentially exposed the system to artificial intelligence (AI) model tampering and supply chain risks. The critical-rated vulnerabilities in question,…

« Previous
1
…
154
155
156
157
158
…
526
Next »