GoKawiil - Latest Tech News & Aggregated Headlines

Hackers exploit SAP NetWeaver bug to deploy Linux Auto-Color malware

bleepingcomputer.com Unknown 2025-12-25 08:10:42

Hackers were spotted exploiting a critical SAP NetWeaver vulnerability tracked as CVE-2025-31324 to deploy the Auto-Color Linux malware in a cyberattack on a U.S.-based chemicals company. Cybersecurity firm Darktrace discovered the attack during an incident response in April 2025, where an investigation revealed that the Auto-Color malware had evolved to include additional advanced evasion tactics. Darktrace reports that the attack started on April 25, but active exploitation occurred two days

Topics: 2025 auto color cve darktrace

Shop Amazon

Microsoft: macOS Sploitlight flaw leaks Apple Intelligence data

bleepingcomputer.com Unknown 2025-12-27 17:03:29

Attackers could use a recently patched macOS vulnerability to bypass Transparency, Consent, and Control (TCC) security checks and steal sensitive user information, including Apple Intelligence cached data. TCC is a security technology and a privacy framework that blocks apps from accessing private user data by providing macOS control over how their data is accessed and used by applications across Apple devices. Apple has fixed the security flaw tracked as CVE-2025-31199 (reported by Microsoft'

Topics: apple cve data microsoft security

Shop Amazon

Exploit available for critical Cisco ISE bug exploited in attacks

bleepingcomputer.com Unknown 2025-12-27 22:29:23

Security researcher Bobby Gould has published a blog post demonstrating a complete exploit chain for CVE-2025-20281, an unauthenticated remote code execution vulnerability in Cisco Identity Services Engine (ISE). The critical vulnerability was first disclosed on June 25, 2025, with Cisco warning that it impacts ISE and ISE-PIC versions 3.3 and 3.4, allowing unauthenticated, remote attackers to upload arbitrary files to the target system and execute them with root privileges. The issue stems fr

Topics: 2025 cisco command cve exploit

Shop Amazon

CISA flags PaperCut RCE bug as exploited in attacks, patch now

bleepingcomputer.com Unknown 2025-12-28 03:59:36

CISA warns that threat actors are exploiting a high-severity vulnerability in PaperCut NG/MF print management software, which can allow them to gain remote code execution in cross-site request forgery (CSRF) attacks. The software developer says that more than 100 million users use its products across over 70,000 organizations worldwide. The security flaw (tracked as CVE-2023-2533 and patched in June 2023) can allow an attacker to alter security settings or execute arbitrary code if the target

Topics: 2023 attacks cisa cve papercut

Shop Amazon

This industrial AI startup is winning over customers by saying it won’t get acquired

techcrunch.com Sean O'Kane 2026-01-01 22:37:47

When industrial AI startup CVector meets with manufacturers, utility providers, and other prospective customers, the founders are often asked the same question: will you still be here in six months? A year? It’s a fair concern in an environment where the biggest, richest tech companies are luring top talent with eye-watering salaries and increasingly targeting rising AI startups with elaborate acquihire deals. The answer that CVector founders Richard Zhang and Tyler Ruggles give every time is

Topics: customers cvector ruggles said zhang

Shop Amazon

Mitel warns of critical MiVoice MX-ONE authentication bypass flaw

bleepingcomputer.com Unknown 2026-01-02 12:17:40

Mitel Networks has released security updates to patch a critical-severity authentication bypass vulnerability impacting its MiVoice MX-ONE enterprise communications platform. MX-ONE is the company's SIP-based communications system, which can scale to support hundreds of thousands of users. The critical security flaw is due to an improper access control weakness discovered in the MiVoice MX-ONE Provisioning Manager component and has yet to be assigned a CVE ID. Unauthenticated attackers can exp

Topics: access cve mitel mivoice mx

Shop Amazon

SonicWall urges admins to patch critical RCE flaw in SMA 100 devices

bleepingcomputer.com Unknown 2026-01-03 14:17:39

SonicWall urges customers to patch SMA 100 series appliances against a critical authenticated arbitrary file upload vulnerability that can let attackers gain remote code execution. The security flaw (tracked as CVE-2025-40599) is caused by an unrestricted file upload weakness in the devices' web management interfaces, which can allow remote threat actors with administrative privileges to upload arbitrary files to the system. "SonicWall strongly recommends that users of the SMA 100 series produ

Topics: 2025 attacks cve sma sonicwall

Shop Amazon

Apache HTTP Server: 'RewriteCond expr' always evaluates to true

news.ycombinator.com Unknown 2026-01-03 05:20:52

*) SECURITY: CVE-2025-54090 : Apache HTTP Server: 'RewriteCond expr' always evaluates to true in 2.4.64 (cve.mitre.org) A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true". Users are recommended to upgrade to version 2.4.65, which fixes the issue. Reviewed By: covener, ylavic, gbechis, jorton git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1927361 13f79535-47bb-0310-9956-ffa450edef68

Topics: 64 apache cve expr org

Shop Amazon

CVE-2025-54090: Apache HTTP Server: 'RewriteCond expr' always evaluates to true

news.ycombinator.com Unknown 2026-01-03 11:20:52

*) SECURITY: CVE-2025-54090 : Apache HTTP Server: 'RewriteCond expr' always evaluates to true in 2.4.64 (cve.mitre.org) A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true". Users are recommended to upgrade to version 2.4.65, which fixes the issue. Reviewed By: covener, ylavic, gbechis, jorton git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1927361 13f79535-47bb-0310-9956-ffa450edef68

Topics: 64 apache cve expr org

Shop Amazon

Cisco: Maximum-severity ISE RCE flaws now exploited in attacks

bleepingcomputer.com Unknown 2026-01-08 08:40:08

Cisco is warning that three recently patched critical remote code execution vulnerabilities in Cisco Identity Services Engine (ISE) are now being actively exploited in attacks. Although the vendor did not specify how they were being exploited and whether they were successful, applying the security updates as soon as possible is now critical. “In July 2025, the Cisco PSIRT became aware of attempted exploitation of some of these vulnerabilities in the wild,” reads the updated advisory. “Cisco c

Topics: 2025 cisco cve ise patch

Shop Amazon

Microsoft links Sharepoint attacks to Chinese hacking groups

bleepingcomputer.com Unknown 2026-01-08 10:26:06

Several hacking groups with ties to the Chinese government have been linked to a recent wave of widespread attacks targeting a Microsoft SharePoint zero-day vulnerability chain. They used this exploit chain (dubbed "ToolShell") to breach dozens of organizations worldwide after hacking into their on-premise SharePoint servers. "Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon exploiting these vulnerabilities targeting internet-facing SharePoint serv

Topics: 2025 actors cve microsoft sharepoint

Shop Amazon

Microsoft Sharepoint ToolShell attacks linked to Chinese hackers

bleepingcomputer.com Unknown 2026-01-09 04:26:06

Hackers with ties to the Chinese government have been linked to a recent wave of widespread attacks targeting a Microsoft SharePoint zero-day vulnerability chain. They used this exploit chain (dubbed "ToolShell") to breach dozens of organizations worldwide after hacking into their on-premise SharePoint servers. "We assess that at least one of the actors responsible for this early exploitation is a China-nexus threat actor. It's critical to understand that multiple actors are now actively explo

Topics: 2025 actors cve microsoft sharepoint

Shop Amazon

SharePoint vulnerability with 9.8 severity rating under exploit across globe

arstechnica.com Unknown 2026-01-10 03:30:09

Authorities and researchers are sounding the alarm over the active mass exploitation of a high-severity vulnerability in Microsoft SharePoint Server that’s allowing attackers to make off with sensitive company data, including authentication tokens used to access systems inside networks. Researchers said anyone running an on-premises instance of SharePoint should assume their networks are breached. The vulnerability, tracked as CVE-2025-53770, carries a severity rating of 9.8 out of a possible 1

Topics: 2025 cve microsoft sharepoint vulnerability

Shop Amazon

Microsoft Fix Targets Attacks on SharePoint Zero-Day

krebsonsecurity.com Unknown 2026-01-11 03:45:46

On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch comes amid reports that malicious hackers have used the Sharepoint flaw to breach U.S. federal and state agencies, universities, and energy companies. In an advisory about the SharePoint security hole, a.k.a. CVE-2025-53770, Microsoft said it is aware of active attacks targeting on-premises SharePoint

Topics: 2025 cve microsoft servers sharepoint

Shop Amazon

Microsoft fixes two SharePoint zero-days under attack, but it's not over - how to patch

zdnet.com Lance Whitney 2026-01-11 03:05:25

sankai/Getty Microsoft has patched two critical zero-day SharePoint security flaws that have already been exploited by hackers to attack vulnerable organizations. Responding to the exploits, the software giant has issued fixes for SharePoint Server Subscription Edition and SharePoint Server 2019 but is still working on a patch for SharePoint Server 2016. Designated as CVE-2025-53771 and CVE-2025-53770, the two vulnerabilities apply only to on-premises versions of SharePoint, so organizations t

Topics: 2025 cve microsoft server sharepoint

Shop Amazon

Over 1,000 CrushFTP servers exposed to ongoing hijack attacks

bleepingcomputer.com Unknown 2026-01-11 23:34:21

Over 1,000 CrushFTP instances currently exposed online are vulnerable to hijack attacks that exploit a critical security bug, providing admin access to the web interface. The security vulnerability (CVE-2025-54309) is due to mishandled AS2 validation and impacts all CrushFTP versions below 10.8.5 and 11.3.4_23. The vendor tagged the flaw as actively exploited in the wild on July 19th, noting that attacks may have begun earlier, although it has yet to find evidence to confirm this. "July 18th,

Topics: 2025 attacks crushftp cve data

Shop Amazon

Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks

bleepingcomputer.com Unknown 2026-01-11 21:41:46

Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in "ToolShell" attacks. In May, during the Berlin Pwn2Own hacking contest, researchers exploited a zero-day vulnerability chain called "ToolShell," which enabled them to achieve remote code execution in Microsoft SharePoint. These flaws were fixed as part of the July Patch Tuesday updates; However, threat actors were

Topics: 2025 cve microsoft sharepoint update

Shop Amazon

Microsoft SharePoint zero-day exploited in RCE attacks, no patch available

bleepingcomputer.com Unknown 2026-01-11 17:40:06

A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770, has been actively exploited since at least July 18th, with no patch available and at least 85 servers already compromised worldwide. In May, Viettel Cyber Security researchers chained two Microsoft SharePoint flaws, CVE-2025-49706 and CVE-2025-49704, in a "ToolShell" attack demonstrated at Pwn2Own Berlin to achieve remote code execution. While Microsoft patched both ToolShell flaws as part of the July Patch T

Topics: 2025 cve microsoft security sharepoint

Shop Amazon

Hackers scanning for TeleMessage Signal clone flaw exposing passwords

bleepingcomputer.com Unknown 2026-01-13 08:06:05

Researchers are seeing exploitation attempts for the CVE-2025-48927 vulnerability in the TeleMessage SGNL app, which allows retrieving usernames, passwords, and other sensitive data. TeleMessage SGNL is a Signal clone app now owned by Smarsh, a compliance-focused company that provides cloud-based or on-premisses communication solutions to various organizations. Scanning for vulnerable endpoints Threat monitoring firm GreyNoise has observed multiple attempts to exploit CVE-2025-48927, likely b

Topics: 2025 48927 boot cve endpoints

Shop Amazon

VMware fixes four ESXi zero-day bugs exploited at Pwn2Own Berlin

bleepingcomputer.com Unknown 2026-01-14 22:36:42

VMware fixed four vulnerabilities in VMware ESXi, Workstation, Fusion, and Tools that were exploited as zero-days during the Pwn2Own Berlin 2025 hacking contest in May 2025. Three of the patched flaws have a severity rating of 9.3, as they allow programs running in a guest virtual machine to execute commands on the host. These flaws are tracked as CVE-2025-41236, CVE-2025-41237, and CVE-2025-41238. These flaws are described in the security advisory as: CVE-2025-41236 : VMware ESXi, Workstatio

Topics: 2025 cve pwn2own virtual vmware

Shop Amazon

Max severity Cisco ISE bug allows pre-auth command execution, patch now

bleepingcomputer.com Unknown 2026-01-16 03:53:26

A critical vulnerability (CVE-2025-20337) in Cisco's Identity Services Engine (ISE) could be exploited to let an unauthenticated attacker store malicious files, execute arbitrary code, or gain root privileges on vulnerable devices. The security issue received the maximum severity rating, 10 out of 10, and is caused by insufficient user-supplied input validation checks. It was discovered by Kentaro Kawane, a researcher at the Japanese cybersecurity service GMO Cybersecurity by Ierae, and report

Topics: 2025 cisco cve ise vulnerabilities

Shop Amazon

Google fixes actively exploited sandbox escape zero day in Chrome

bleepingcomputer.com Unknown 2026-01-19 21:47:46

Google has released a security update for Chrome to address half a dozen vulnerabilities, one of them actively exploited by attackers to escape the browser's sandbox protection. The vulnerability is identified as CVE-2025-6558 and received a high-severity rating of 8.8. It was discovered by researchers at Google’s Threat Analysis Group (TAG) on June 23. The security issue is described as an insufficient validation of untrusted input in ANGLE and GPU that affects Google Chrome versions before 1

Topics: 2025 browser chrome cve google

Shop Amazon

Hackers are exploiting critical RCE flaw in Wing FTP Server

bleepingcomputer.com Unknown 2026-01-25 02:13:24

Hackers have started to exploit a critical remote code execution vulnerability in Wing FTP Server just one day after technical details on the flaw became public. The observed attack ran multiple enumeration and reconnaissance commands followed by establishing persistence by creating new users. The exploited Wing FTP Server vulnerability is tracked as CVE-2025-47812 and received the highest severity score. It is a combination of a null byte and Lua code injection that allows remote a unauthenti

Topics: 2025 code cve ftp wing

Shop Amazon

CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch

bleepingcomputer.com Unknown 2026-01-27 03:45:57

The U.S. Cybersecurity & Infrastructure Security Agency has confirmed active exploitation of the CitrixBleed 2 vulnerability (CVE-2025-5777) in Citrix NetScaler ADC and Gateway and is giving federal agencies one day to apply fixes. Such a short deadline for installing the patches is unprecedented since CISA released the Known Exploited Vulnerabilities (KEV) catalog, showing the severity of the attacks exploiting the security issue. The agency added the flaw to its Known Exploited Vulnerabiliti

Topics: citrix citrixbleed cve exploitation vulnerability

Shop Amazon

Cybersecurity’s global alarm system is breaking down

technologyreview.com Matthew King 2026-01-27 21:00:00

Cybersecurity practitioners have since flooded Discord channels and LinkedIn feeds with emergency posts and memes of “NVD” and “CVE” engraved on tombstones. Unpatched vulnerabilities are the second most common way cyberattackers break in, and they have led to fatal hospital outages and critical infrastructure failures. In a social media post, Jen Easterly, a US cybersecurity expert, said: “Losing [CVE] would be like tearing out the card catalog from every library at once—leaving defenders to sor

Topics: cve nist nvd security vulnerabilities

Shop Amazon

Microsoft Patch Tuesday, July 2025 Edition

krebsonsecurity.com Unknown 2026-01-31 00:53:33

Microsoft today released updates to fix at least 137 security vulnerabilities in its Windows operating systems and supported software. None of the weaknesses addressed this month are known to be actively exploited, but 14 of the flaws earned Microsoft’s most-dire “critical” rating, meaning they could be exploited to seize control over vulnerable Windows PCs with little or no help from users. While not listed as critical, CVE-2025-49719 is a publicly disclosed information disclosure vulnerabilit

Topics: 2025 cve microsoft server windows

Shop Amazon

Ruckus Networks leaves severe flaws unpatched in management devices

bleepingcomputer.com Unknown 2026-02-01 12:42:07

Multiple vulnerabilities that remain unpatched in Ruckus Wireless management products could be exploited to fully compromise the network environment they serve. The issues affect Ruckus Wireless Virtual SmartZone (vSZ) and Ruckus Network Director (RND), and range from uauthenticated remote code execution to hardcoded passwords or SSH public and private keys. Ruckus vSZ is a centralized wireless network controller that can manage tens of thousands of Ruckus access points and clients, allowing c

Topics: access cve hardcoded ruckus vsz

Shop Amazon

Critical CitrixBleed 2 vulnerability has been under active exploit for weeks

arstechnica.com Unknown 2026-02-02 02:20:24

A critical vulnerability allowing hackers to bypass multifactor authentication in network management devices made by Citrix has been actively exploited for more than a month, researchers said. The finding is at odds with advisories from the vendor saying there is no evidence of in-the-wild exploitation. Tracked as CVE-2025-5777, the vulnerability shares similarities with CVE-2023-4966, a security flaw nicknamed CitrixBleed, which led to the compromise of 20,000 Citrix devices two years ago. The

Topics: citrix citrixbleed cve exploitation said

Shop Amazon

Microsoft July 2025 Patch Tuesday fixes one zero-day, 137 flaws

bleepingcomputer.com Unknown 2026-02-03 22:30:56

Today is Microsoft's July 2025 Patch Tuesday, which includes security updates for 137 flaws, including one publicly disclosed zero-day vulnerability in Microsoft SQL Server. This Patch Tuesday also fixes fourteen "Critical" vulnerabilities, ten of which are remote code execution vulnerabilities, one is an information disclosure, and two are AMD side channel attack flaws. The number of bugs in each vulnerability category is listed below: 53 Elevation of Privilege Vulnerabilities 8 Security Fe

Topics: 2025 cve important vulnerability windows

Shop Amazon

Your Brother printer might have a critical security flaw - how to check and what to do next

zdnet.com Elyse Betters Picaro 2026-02-13 08:30:14

Brother / Elyse Betters Picaro / ZDNET Hundreds of Brother printer models have been found to harbor a serious security flaw that can't be fully patched on existing devices. First noticed by Rapid7 in May and publicly disclosed on June 25, this unpatchable vulnerability lets an attacker who knows -- or can find out -- your printer's serial number generate its default administrator password. Also: Patch your Windows PC now before bootkit malware takes it over - here's how Yes, the same password

Topics: 2024 brother cve password printer

Shop Amazon

Latest Tech News

Hackers exploit SAP NetWeaver bug to deploy Linux Auto-Color malware

Microsoft: macOS Sploitlight flaw leaks Apple Intelligence data

Exploit available for critical Cisco ISE bug exploited in attacks

CISA flags PaperCut RCE bug as exploited in attacks, patch now

This industrial AI startup is winning over customers by saying it won’t get acquired

Mitel warns of critical MiVoice MX-ONE authentication bypass flaw

SonicWall urges admins to patch critical RCE flaw in SMA 100 devices

Apache HTTP Server: 'RewriteCond expr' always evaluates to true

CVE-2025-54090: Apache HTTP Server: 'RewriteCond expr' always evaluates to true

Cisco: Maximum-severity ISE RCE flaws now exploited in attacks

Microsoft links Sharepoint attacks to Chinese hacking groups

Microsoft Sharepoint ToolShell attacks linked to Chinese hackers

SharePoint vulnerability with 9.8 severity rating under exploit across globe

Microsoft Fix Targets Attacks on SharePoint Zero-Day

Microsoft fixes two SharePoint zero-days under attack, but it's not over - how to patch

Over 1,000 CrushFTP servers exposed to ongoing hijack attacks

Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks

Microsoft SharePoint zero-day exploited in RCE attacks, no patch available

Hackers scanning for TeleMessage Signal clone flaw exposing passwords

VMware fixes four ESXi zero-day bugs exploited at Pwn2Own Berlin

Max severity Cisco ISE bug allows pre-auth command execution, patch now

Google fixes actively exploited sandbox escape zero day in Chrome

Hackers are exploiting critical RCE flaw in Wing FTP Server

CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch

Cybersecurity’s global alarm system is breaking down

Microsoft Patch Tuesday, July 2025 Edition

Ruckus Networks leaves severe flaws unpatched in management devices

Critical CitrixBleed 2 vulnerability has been under active exploit for weeks

Microsoft July 2025 Patch Tuesday fixes one zero-day, 137 flaws

Your Brother printer might have a critical security flaw - how to check and what to do next

About GoKawiil

Privacy

Advertising

Latest Tech News

Trending Topics

Hot Now

Popular

Emerging

About GoKawiil

Privacy

Advertising