Zero-day vulnerabilities are no longer rare anomalies—they’re now a core weapon in the modern attacker’s arsenal, with exploitation activity escalating year over year. According to Google’s Threat Intelligence Group (GTIG), in 2024 alone, 75 zero-day vulnerabilities were exploited in the wild—a stark indicator of the growing threat to business-critical systems. One of the latest critical […]
Following the disclosure of the Command Center CVE-2025-34028 vulnerability, researchers are now warning about another critical threat: a max-severity flaw in Craft CMS, tracked as CVE-2025-32432. Attackers are chaining it with a critical input validation bug in the Yii framework (CVE-2025-58136) to power zero-day attacks, leading to server breaches and data theft. By mid-April, around […]
Following the CVE-2025-30406 disclosure, an RCE flaw in the widely used Gladinet CentreStack and Triofox platforms, another highly critical vulnerability that could also allow remote execution of arbitrary code without authentication, is coming to the scene. The flaw, tracked as CVE-2025-34028, has been recently uncovered in the Command Center installation, which could lead to a […]
A critical vulnerability in the widely used Gladinet CentreStack and Triofox enterprise file sharing and remote access platforms has surfaced — and it’s already under active exploitation. At least seven organizations have reportedly been compromised through this flaw, tracked as CVE-2025-30406. The root cause? A hard-coded cryptographic key that leaves internet-facing servers dangerously exposed to […]
Hot on the heels of the CVE-2025-1449 disclosure, a vulnerability in Rockwell Automation software, another critical security issue affecting widely used software products is now drawing the attention of the defenders. CVE-2025-29824 is a zero-day vulnerability in the Windows Common Log File System (CLFS) that gives threat actors the green light to escalate privileges to […]
Hard on the heels of the disclosure of CVE-2025-24813, a RCE flaw in Apache Tomcat actively leveraged in the wild shortly after the release of its PoC, another vulnerability identified as CVE-2025-1449 that can be exploited remotely comes into the spotlight. Once weaponized, CVE-2025-1449 gives admin-level threat actors the green light to run arbitrary commands. […]
Heads-up for Kubernetes admins! A batch of five critical vulnerabilities called “IngressNightmare” (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098, and CVE-2025-1974) affecting Ingress NGINX have been recently patched, posing a serious risk to the clusters. With over 40% of Kubernetes environments relying on Ingress NGINX, swift action is crucial to safeguard your systems and data against RCE attacks. […]
Hot on the heels of the disclosure of CVE-2025-24813, a newly uncovered RCE vulnerability in Apache Tomcat—actively exploited just 30 hours after its public disclosure and PoC release—another critical security threat has now emerged. Tracked as CVE-2025-29927, the newly uncovered vulnerability has been identified in the Next.js React framework, potentially giving adversaries the green light […]
A newly revealed RCE vulnerability in Apache Tomcat is under active exploitation, just 30 hours after its public disclosure and the release of a PoC. The successful exploitation of CVE-2025-24813 gives adversaries the green light to remotely execute code on targeted systems by leveraging unsafe deserialization. Detect CVE-2025-24813 Exploitation Attempts With the sharp increase in […]
Hot on the heels of the exploitation attempts of the medium-severity vulnerability in Espressif ESP32 Bluetooth chips, leveraged in over 1 billion devices, another security issue in a widely popular product, a cross-platform browser engine, WebKit, poses an increasing threat to organizations and individual users worldwide. Tracked as CVE-2025-24201, the newly uncovered zero-day vulnerability is […]