Cybersecurity News
Current events in the cybersecurity space.
- ShinyHunters Campaign - Salesforce Exposure Risk– August 19, 2025
- SonicWall Authenticated Arbitrary File Upload Vulnerability [CVE-2025-40599] – August 4, 2025
- Microsoft SharePoint CVE-2025-53770 & CVE-2025-53771 – July 21, 2025
- Next.js Authorization Bypass Vulnerability [CVE-2025-29927] – April 3, 2025
- SonicWall Improper Authentication Vulnerability [CVE-2024-53704] – February 26, 2025
- SonicWall Untrusted Data Pre-authentication Deserialization [CVE-2025-23006] – January 24, 2025
- Ivanti Zero-Day [CVE-2025-0282 & CVE-2025-0283] – January 16, 2025
- Cleo File Transfer [CVE-2024-50623 & CVE-2024-55956] – December 17, 2024
- CUPS Printing System Vulnerabilities – September 27, 2024
- ServiceNow Vulnerability Chain [CVE-2024-4879, CVE-2024-5217, & CVE-2024-5178] – August 2, 2024
- CrowdStrike Update Causes Outage – July 19, 2024
- Progress MOVEit Transfer Authentication Bypass [CVE-2024-5806] – June 28, 2024
- ArcaneDoor Vulnerabilities [CVE-2024-20353, CVE-2024-20359] – May 01, 2024
- CrushFTP Zero-Day [CVE-2024-4040] – April 24, 2024
- Critical Command Injection Vulnerability in Some Versions of Palo Alto PAN-OS [CVE-2024-3400] – April 12, 2024
- Supply Chain Attack via XZ Library Resulting in SSH Backdoor [CVE-2024-3094] – April 1, 2024
- Fortinet FortiOS SSL VPN Out of Bounds Write [CVE-2024-21762] – February 9, 2024
- Critical Actions Required for Ivanti Connect Secure or Ivanti Policy Secure – February 1, 2024
- VMware vCenter Server: Out-of-Bounds Write [CVE-2023-34048] & Partial Information Disclosure [CVE-2023-34056] – January 25, 2024
- Atlassian Confluence Data Center and Server Template Injection [CVE-2023-22527] – January 25, 2024
- Ivanti Connect Secure and Policy Secure: Command Injection [CVE-2024-21887] & Authentication Bypass [CVE-2023-46805] – January 12, 2024