Vulnerability archivos - CISO2CISO.COM & CYBER SECURITY GROUP

Vulnerability

securityweek.com

Critical Authentication Bypass Flaw Patched in Teleport – Source: www.securityweek.com

Critical Authentication Bypass Flaw Patched in Teleport – Source: www.securityweek.com

CVE-2025-6018 and CVE-2025-6019 Vulnerability Exploitation: Chaining Local Privilege Escalation Flaws Lets Attackers Gain Root Access on Most Linux Distributions – Source: socprime.com

CVE-2025-6018 and CVE-2025-6019 Vulnerability Exploitation: Chaining Local Privilege Escalation Flaws Lets Attackers Gain Root Access...

securityweek.com

Code Execution Vulnerabilities Patched in Veeam, BeyondTrust Products – Source: www.securityweek.com

Code Execution Vulnerabilities Patched in Veeam, BeyondTrust Products – Source: www.securityweek.com

CVE-2025-4123 Vulnerability: “The Grafana Ghost” Zero-Day Enables Malicious Account Hijacking – Source: socprime.com

CVE-2025-4123 Vulnerability: “The Grafana Ghost” Zero-Day Enables Malicious Account Hijacking – Source: socprime.com

securityweek.com

Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking – Source: www.securityweek.com

Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking – Source: www.securityweek.com

Detect SimpleHelp RMM Vulnerability Exploitation: CISA Warns of Threat Actors Abusing Unpatched Flaws for Persistent Access and Ransomware Deployment – Source: socprime.com

Detect SimpleHelp RMM Vulnerability Exploitation: CISA Warns of Threat Actors Abusing Unpatched Flaws for Persistent...

CVE-2025-32711 Vulnerability: “EchoLeak” Flaw in Microsoft 365 Copilot Could Enable a Zero-Click Attack on an AI Agent – Source: socprime.com

CVE-2025-32711 Vulnerability: “EchoLeak” Flaw in Microsoft 365 Copilot Could Enable a Zero-Click Attack on an...

CVE-2025-33053 Detection: A Critical WebDAV Zero-Day RCE Vulnerability Actively Weaponized by Stealth Falcon APT Group – Source: socprime.com

CVE-2025-33053 Detection: A Critical WebDAV Zero-Day RCE Vulnerability Actively Weaponized by Stealth Falcon APT Group...

grahamcluley.com

Smashing Security podcast #421: Toothpick flirts, Google leaks, and ICE ICE scammers – Source: grahamcluley.com

Smashing Security podcast #421: Toothpick flirts, Google leaks, and ICE ICE scammers – Source: grahamcluley.com

CVE-2025-33053 Exploitation: A Critical WebDAV Zero-Day RCE Vulnerability Actively Weaponized by Stealth Falcon APT Group – Source: socprime.com

CVE-2025-33053 Exploitation: A Critical WebDAV Zero-Day RCE Vulnerability Actively Weaponized by Stealth Falcon APT Group...

CVE-2025-33073: Windows SMB Client Zero-Day Lets Attackers Gain SYSTEM Privileges – Source: socprime.com

CVE-2025-33073: Windows SMB Client Zero-Day Lets Attackers Gain SYSTEM Privileges – Source: socprime.com

CVE-2025-5419 Vulnerability: New Google Chrome Zero-Day Actively Exploited in the Wild – Source: socprime.com

CVE-2025-5419 Vulnerability: New Google Chrome Zero-Day Actively Exploited in the Wild – Source: socprime.com

CVE-2025-20286 Vulnerability Exploitation: Critical Cisco ISE Flaw Affects AWS, Microsoft Azure, and OCI Cloud Deployments – Source: socprime.com

CVE-2025-20286 Vulnerability Exploitation: Critical Cisco ISE Flaw Affects AWS, Microsoft Azure, and OCI Cloud Deployments...

grahamcluley.com

Smashing Security podcast #419: Star Wars, the CIA, and a WhatsApp malware mirage – Source: grahamcluley.com

Smashing Security podcast #419: Star Wars, the CIA, and a WhatsApp malware mirage – Source:...

BadSuccessor Detection: Critical Windows Server Vulnerability Can Compromise Any User in Active Directory – Source: socprime.com

BadSuccessor Detection: Critical Windows Server Vulnerability Can Compromise Any User in Active Directory – Source:...

securityweek.com

Companies Warned of Commvault Vulnerability Exploitation – Source: www.securityweek.com

Companies Warned of Commvault Vulnerability Exploitation – Source: www.securityweek.com

securityweek.com

GitLab, Atlassian Patch High-Severity Vulnerabilities – Source: www.securityweek.com

GitLab, Atlassian Patch High-Severity Vulnerabilities – Source: www.securityweek.com

ELPACO-Team Ransomware Attack Detection: Hackers Exploit Atlassian Confluence Vulnerability (CVE-2023-22527) to Gain RDP Access and Enable RCE – Source: socprime.com

ELPACO-Team Ransomware Attack Detection: Hackers Exploit Atlassian Confluence Vulnerability (CVE-2023-22527) to Gain RDP Access and...

Security Boulevard

ADR Blocks Spike in Cyber Attacks and Sharp Rise in Path Traversal Attacks | April Attack Data | Contrast Security – Source: securityboulevard.com

ADR Blocks Spike in Cyber Attacks and Sharp Rise in Path Traversal Attacks | April...

CVE-2025-4427 and CVE-2025-4428 Detection: Ivanti EPMM Exploit Chain Leading to RCE – Source: socprime.com

CVE-2025-4427 and CVE-2025-4428 Detection: Ivanti EPMM Exploit Chain Leading to RCE – Source: socprime.com

Infosecurity Magazine

RCE Vulnerability Found in RomethemeKit For Elementor Plugin – Source: www.infosecurity-magazine.com

RCE Vulnerability Found in RomethemeKit For Elementor Plugin – Source: www.infosecurity-magazine.com

grahamcluley.com

Prescription for disaster: Sensitive patient data leaked in Ascension breach – Source: www.fortra.com

Prescription for disaster: Sensitive patient data leaked in Ascension breach – Source: www.fortra.com

securityweek.com

Ivanti Patches Two EPMM Zero-Days Exploited to Hack Customers – Source: www.securityweek.com

Ivanti Patches Two EPMM Zero-Days Exploited to Hack Customers – Source: www.securityweek.com

securityweek.com

SAP Patches Another Exploited NetWeaver Vulnerability – Source: www.securityweek.com

SAP Patches Another Exploited NetWeaver Vulnerability – Source: www.securityweek.com

Dark Reading Security

Vulnerability Detection Tops Agentic AI at RSAC’s Startup Competition – Source: www.darkreading.com

Vulnerability Detection Tops Agentic AI at RSAC’s Startup Competition – Source: www.darkreading.com

CVE-2025-31324 Detection: SAP NetWeaver Zero-Day Under Active Exploitation Exposes Critical Systems to Remote Code Execution – Source: socprime.com

CVE-2025-31324 Detection: SAP NetWeaver Zero-Day Under Active Exploitation Exposes Critical Systems to Remote Code Execution ...

Dark Reading Security

Vulnerability Exploitation Is Shifting in 2024-25 – Source: www.darkreading.com

Vulnerability Exploitation Is Shifting in 2024-25 – Source: www.darkreading.com

CVE-2025-32432: Critical Craft CMS Vulnerability Is Actively Exploited in Zero-Day Attacks, Leads to Remote Code Execution – Source: socprime.com

CVE-2025-32432: Critical Craft CMS Vulnerability Is Actively Exploited in Zero-Day Attacks, Leads to Remote Code...

CVE-2025-34028 Detection: A Maximum-Severity Vulnerability in the Commvault Command Center Enables RCE – Source: socprime.com

CVE-2025-34028 Detection: A Maximum-Severity Vulnerability in the Commvault Command Center Enables RCE – Source: socprime.com

securityweek.com

Critical Erlang/OTP SSH Flaw Exposes Many Devices to Remote Hacking – Source: www.securityweek.com

Critical Erlang/OTP SSH Flaw Exposes Many Devices to Remote Hacking – Source: www.securityweek.com

MORE RESOURCES

CISO Strategics

cyber operations & soc

red - blue & purple teams

THREAT INTELLIGENCE

VULNERABILITIES

CYBER ATTACKS

DATA BREACH

MALLWARE

RANSOMWARE

DDOS ATTACKS

CLOUD SECURITY

IOT SECURITY

hacking

CISO
STRATEGICS

CYBER
ARCHITECTURE

SOC CSIRT
OPERATIONS

CYBERSECURITY
TOOLS

CYBERSECURITY
VENDORS

CYBERSECURITY
MSSP

Accenture
Attos
AT&T Cybersecurity
BT Security
BASE 4 - Hispam
Deloitte
Entelgy Security
KPMG
NTT Security
Novared - Hispam
Neosecure - Hispam
Orange Cyberdefense
PwC
Telefonica Tech
Thales
Verizon Security