Mês: agosto 2025

U.S. CISA adds N-able N-Central flaws to its Known Exploited Vulnerabilities catalog U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds N-able N-Central flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)added N-able N-Central flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: CVE-2025-8875N-able … Ler mais

The AhnLab Security Intelligence Center (ASEC) has uncovered fresh instances of proxyware distribution by threat actors leveraging deceptive advertising on freeware sites. Building on prior reports, such as the “DigitalPulse Proxyware Being Distributed Through Ad Pages” analysis, this campaign continues to exploit unwitting users in South Korea, installing unauthorized bandwidth-sharing tools like DigitalPulse and Honeygain. … Ler mais

Manpower data breach impacted 144,180 individuals Global staffing and workforce solutions firm Manpower reports a January RansomHub ransomware attack that compromised data of 140,000 individuals. Manpower in Lansing, Michigan, reported that the ransomware attack that disrupted its systems on January 20, 2025, resulted in a breach that impacted 144,180 individuals. The company launched an investigation … Ler mais

Security researchers have disclosed critical vulnerabilities in Xerox FreeFlow Core that enable unauthenticated remote attackers to execute arbitrary code on vulnerable systems. The proof-of-concept exploits are now publicly available, raising immediate concerns for organizations using the popular print orchestration platform. Critical Vulnerabilities Discovered Cybersecurity firm Horizon3.ai discovered two severe vulnerabilities in Xerox FreeFlow Core: an … Ler mais

A severe security vulnerability has been discovered in a popular WordPress plugin used by over 70,000 websites worldwide, potentially exposing them to complete takeover by malicious actors. The vulnerability, tracked as CVE-2025-7384, affects the “Database for Contact Form 7, WPforms, Elementor forms” plugin and carries a critical CVSS score of 9.8 out of 10. Vulnerability … Ler mais

The Cybersecurity and Infrastructure Security Agency (CISA) has issued urgent alerts regarding two critical vulnerabilities in N-able N-Central that are currently being actively exploited, prompting immediate action from organizations using this remote monitoring and management platform. These vulnerabilities, identified as CVE-2025-8875 and CVE-2025-8876, represent significant security risks that could enable attackers to execute commands and … Ler mais

U.S. CISA adds Microsoft Internet Explorer, Microsoft Office Excel, and WinRAR flaws to its Known Exploited Vulnerabilities catalog U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Internet Explorer, Microsoft Office Excel, and WinRAR flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)added Microsoft Internet Explorer, Microsoft Office Excel, … Ler mais