Tag: CVE

CVE-2025-24813 Detection: Apache Tomcat RCE Vulnerability Actively Exploited in the Wild

A newly revealed RCE vulnerability in Apache Tomcat is under active exploitation, just 30 hours after its public disclosure and the release of a PoC. The successful exploitation of CVE-2025-24813 gives adversaries the green light to remotely execute code on targeted systems by leveraging unsafe deserialization. Detect CVE-2025-24813 Exploitation Attempts With the sharp increase in […]

CVE-2025-24201 Exploitation: Apple Fixes the WebKit Zero-Day Vulnerability Used in Sophisticated Attacks

Hot on the heels of the exploitation attempts of the medium-severity vulnerability in Espressif ESP32 Bluetooth chips, leveraged in over 1 billion devices, another security issue in a widely popular product, a cross-platform browser engine, WebKit, poses an increasing threat to organizations and individual users worldwide. Tracked as CVE-2025-24201, the newly uncovered zero-day vulnerability is […]

CVE-2025-27840: Vulnerability Exploitation in Espressif ESP32 Bluetooth Chips Can Lead to Unauthorized Access to Devices

Following the disclosure of an authorization bypass vulnerability in the Motorola Mobility Droid Razr HD (Model XT926), another major security flaw in a widely used product now threatens global organizations with unauthorized access and potential control over critical systems. The ESP32 microchip by Espressif, found in over 1 billion devices as of 2023, contains 29 […]

CVE-2025-25730 Vulnerability: Authorization Bypass in Motorola Mobility Droid Razr HD (Model XT926)

Hot on the heels of the disclosure of CVE-2025-1001, a novel Medixant RadiAnt DICOM Viewer vulnerability, another security issue emerges in the cyber threat landscape. A newly identified flaw, CVE-2025-25730, affects the Mobility Droid Razr HD (Model XT926) and enables nearby unauthorized attackers to access USB debugging, potentially compromising the host device. With cyber threats […]

CVE-2025-1001 Vulnerability in Medixant RadiAnt DICOM Viewer Enables Threat Actors to Perform Machine-in-the-Middle Attacks

A new day, a new menace for cyber defenders. A novel vulnerability in Medixant RadiAnt DICOM Viewer, a popular PACS DICOM viewer for medical imaging, allows hackers to execute machine-in-the-middle (MitM) attacks. GitHub reports that by late 2024, an average of 115 CVEs were disclosed daily, with a 124% rise in cyberattacks exploiting vulnerabilities in Q3 2024. […]

CVE-2025-27364 in MITRE Caldera: Exploitation of a New Max-Severity RCE Vulnerability via Linker Flag Manipulation Can Lead to Full System Compromise

A novel max-severity RCE vulnerability (CVE-2025-27364) in MITRE Caldera poses a serious risk of system compromise. The flaw can also be chained with another Parallels Desktop security issue, CVE-2024-34331, to double the risks of threats. If exploited, these security issues could provide hackers with full system control, causing unauthorized access, data breaches, and further lateral […]

CVE-2025-20059: Relative Path Traversal Vulnerability in Ping Identity PingAM Java Policy Agent

Hard on the heels of the recent disclosure of CVE-2025-0108 exploitation affecting Palo Alto Networks PAN-OS products, another critical vulnerability comes to light. Defenders identified a new critical relative path traversal vulnerability in Ping Identity PingAM Java Policy Agent, CVE-2025-20059, which gives attackers the green light to inject malicious parameters spreading the infection further. The […]

CVE-2025-0108 Detection: Active Exploitation of an Authentication Bypass in Palo Alto Networks PAN-OS Software

A recently patched firewall flaw in Palo Alto Networks PAN-OS, tracked as CVE-2025-0108, lets cybercriminals with network access to the management web interface bypass authentication and execute certain PHP scripts. Although this doesn’t lead to remote execution of malicious code, this critical flaw still poses risks to the integrity and security of PAN-OS products. The […]

CVE-2025-26465 & CVE-2025-26466 Vulnerabilities Expose Systems to Man-in-the-Middle and DoS Attacks

Two newly uncovered security flaws in the open-source OpenSSH suite, tracked as CVE-2025-26465 and CVE-2025-26466, could enable adversaries to launch machine-in-the-middle/man-in-the-middle (MitM) or denial-of-service (DoS) attacks. With the growing number of weaponized CVEs, proactive detection of vulnerability exploitation is more critical than ever. In just the first two months of 2025, 6,127 new vulnerabilities have […]

CVE-2025-1094 Exploitation, a Critical SQL Injection Vulnerability in PostgreSQL That Can Lead to Arbitrary Code Execution

A novel PostgreSQL flaw, CVE-2025-1094, has hit the headlines. Defenders recently revealed that attackers responsible for weaponizing a BeyondTrust zero-day RCE are also in charge of abusing another critical security issue in PostgreSQL. SOC Prime Platform for collective cyber defense helps organizations proactively detect vulnerability exploitation attempts using relevant context-enriched Sigma rules compatible with dozens of SIEM, […]
