-
The Cybersecurity and Infrastructure Security Agency (CISA) unveiled a comprehensive Cybersecurity Advisory (CSA) designed to empower network defenders to detect, hunt, and mitigate the activities of advanced persistent threat (APT) actors linked to th…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert after detecting active exploitation of a critical zero-day remote code execution (RCE) vulnerability in Citrix NetScaler devices. Designated CVE-2025-7775, the flaw …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
CISA has issued an urgent warning regarding a critical zero-day vulnerability affecting Citrix NetScaler systems, designated as CVE-2025-7775. This memory overflow vulnerability enables remote code execution (RCE) and has been actively exploited by malicious cyber actors, prompting immediate inclusion in CISA’s Known Exploited Vulnerabilities (KEV) Catalog on August 26, 2025. Key Takeaways1. Citrix NetScaler zero-day […] The post CISA Warns of Citrix Netscaler 0-day RCE Vulnerability Exploited in Attacks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A widespread service disruption is currently affecting Microsoft Teams users across the globe, preventing access to embedded Office documents within the collaboration platform. The issue, which began surfacing, has created significant workflo…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical zero-day remote code execution (RCE) vulnerability is currently threatening the security of over 28,000 Citrix instances worldwide. The flaw, designated as CVE-2025-7775, is being actively exploited by threat actors, prompting urge…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Path traversal flaws like Zip Slip, which give hackers the ability to alter file systems while decompressing, remain a serious danger in the ever-changing world of cybersecurity threats. This vulnerability, stemming from inadequate input validation in …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical zero-day remote code execution (RCE) vulnerability, tracked as CVE-2025-7775, is affecting over 28,000 Citrix instances worldwide. The flaw is being actively exploited in the wild, prompting the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to add it to its Known Exploited Vulnerabilities (KEV) catalog. The Shadowserver Foundation discovered that as of August 26, […] The post 28,000+ Citrix Servers Exposed to Active 0-Day RCE Vulnerability Exploited in the Wild appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A weaponized proof-of-concept exploit has been publicly released targeting CVE-2025-54309, a severe authentication bypass vulnerability affecting CrushFTP file transfer servers. The flaw enables remote attackers to gain administrative privileges through a race condition in AS2 validation processing, circumventing authentication mechanisms entirely. Key Takeaways1. Race-condition exploit lets attackers bypass CrushFTP authentication.2. Public PoC on GitHub confirms […] The post PoC Exploit Released for CrushFTP 0-day Vulnerability (CVE-2025-54309) appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A stored cross-site scripting (XSS) flaw identified in IPFire 2.29’s web-based firewall interface (firewall.cgi). Tracked as CVE-2025-50975, the vulnerability allows any authenticated administrator to inject persistent JavaScript into firewall rule parameters. Once stored, the payload executes automatically when another administrator loads the rules page, potentially resulting in session hijacking, unauthorized actions within the interface, or […] The post IPFire Web-Based Firewall Interface Allows Authenticated Administrator to Inject Persistent JavaScript appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
NVIDIA has issued a critical security bulletin addressing a high-severity vulnerability in its NeMo Curator platform that could allow attackers to execute malicious code and escalate privileges on affected systems. The vulnerability, designated CVE-2025-23307, affects all versions of NVIDIA NeMo Curator prior to release 25.07 across Windows, Linux, and macOS platforms. The security flaw stems […] The post NVIDIA NeMo AI Curator Enables Code Execution and Privilege Escalation appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
