News

The Hacker News1d
Ivanti Zero-Days Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks
CVE-2025-0282 is a critical security flaw in ICS that could permit unauthenticated remote code execution. It was addressed by Ivanti in early January 2025. CVE-2025-22457, patched in April 2025, ...
Max severity Cisco ISE bug allows pre-auth command execution, patch now
A critical vulnerability (CVE-2025-20337) in Cisco's Identity Services Engine (ISE) could be exploited to let an ...
New Fortinet FortiWeb hacks likely linked to public RCE exploits
Multiple Fortinet FortiWeb instances recently infected with web shells are believed to have been compromised using public ...
The Hacker News4d
⚡ Weekly Recap: Scattered Spider Arrests, Car Exploits, macOS Malware, Fortinet RCE and More
From Bluetooth exploits in vehicles to macOS backdoors and GitHub phishing tricks—this week’s threats go deeper than they ...
Exploit available: Patch FortiWeb vulnerability now!
On Thursday, Fortinet released an update for FortiWeb. Exploits have emerged that abuse the critical gap.