Latest Security News
Security Updates
Latest security news and articles covering recent vulnerabilities and their impacts.
Security research: CitrixBleed 2 exploited on a large scale
2025-07-15 11:32
Security.nl
1 CVE
Cybercriminals are exploiting the CitrixBleed 2 vulnerability (CVE-2025-5777) on a large scale, warns the British ...
CISA Adds One Known Exploited Vulnerability to Catalog
2025-07-14 12:00
Cisa.gov
1 CVE
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-47812 Wing FTP Server Improper Neutralization of Null Byte or NUL Character Vulnerability Th…
Wing FTP Server flaw actively exploited shortly after technical details were made public
2025-07-13 15:50
Securityaffairs.com
1 CVE
Hackers exploit critical Wing FTP flaw (CVE-2025-47812) for remote code execution with root/system rights after details leaked on June 30. Threat actors are exploiting a critical flaw, tracked as CVE-2025-47812 (CVSS score of 10), in Wing FTP Server that allo…
Week in review: Microsoft fixes wormable RCE bug on Windows, check for CitrixBleed 2 exploitation
2025-07-13 07:15
Help Net Security
1 CVE
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes critical wormable Windows flaw (CVE-2025-47981) For July 2025 Patch Tuesday, Microsoft has released patches for 130 vulnerabilities, among them o…
For July, a ‘big, broad’ Patch Tuesday release
2025-07-11 18:03
Computerworld
1 CVE
With 133 patches in its Patch Tuesday update this month, Microsoft delivered a big, broad and important release that requires a Patch Now plan for Windows, Microsoft Office and SQL Server. A zero-day (CVE-2025-49719) in SQL Server requires urgent action, as d…
CVE-2025-5777 Exposes Citrix NetScaler to Dangerous Memory Leak Attacks
2025-07-11 17:39
Imperva.com
1 CVE
The cybersecurity community is once again sounding the alarm over a new vulnerability in Citrix NetScaler devices - this time, it’s CVE-2025-5777, also dubbed CitrixBleed 2. Following in the footsteps of the high-profile CitrixBleed vulnerability (CVE-2023-496…
CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch
2025-07-11 14:45
BleepingComputer
1 CVE
The U.S. Cybersecurity & Infrastructure Security Agency has confirmed active exploitation of the CitrixBleed 2 vulnerability (CVE-2025-5777) in Citrix NetScaler ADC and Gateway and is giving federal agencies one day to apply fixes. [...]
Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812)
2025-07-11 12:29
Help Net Security
1 CVE
Threat actors are actively exploiting a recently fixed remote code execution vulnerability (CVE-2025-47812) in Wing FTP Server, security researchers have warned. Wing FTP Server and CVE-2025-47812 Wing FTP Server is a commercial file transfer server solution …
Critical Wing FTP Server Vulnerability (CVE-2025-47812) Actively Being Exploited in the Wild
2025-07-11 10:58
Internet
1 CVE
A recently disclosed maximum-severity security flaw impacting the Wing FTP Server has come under active exploitation in the wild, according to Huntress. The vulnerability, tracked as CVE-2025-47812 (CVSS score: 10.0), is a case of improper handling of null ('…
CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises
2025-07-11 04:25
Internet
1 CVE
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting Citrix NetScaler ADC and Gateway to its Known Exploited Vulnerabilities (KEV) catalog, officially confirming the vulnerability has been weapo…
Now everybody but Citrix agrees that CitrixBleed 2 is under exploit
2025-07-10 22:17
Biztoc.com
1 CVE
Add CISA to the list The US Cybersecurity and Infrastructure Security Agency has added its weighty name to the list of parties agreeing that CVE-2025-5777, dubbed CitrixBleed 2 by one researcher, has been under exploitation and abused to hijack user sessions.…
Now everybody but Citrix agrees that CitrixBleed 2 is under exploit
2025-07-10 22:13
Theregister.com
1 CVE
Add CISA to the list The US Cybersecurity and Infrastructure Security Agency has added its weighty name to the list of parties agreeing that CVE-2025-5777, dubbed CitrixBleed 2 by one researcher, has been under exploitation and abused to hijack user sessions.…
CVE-2025-27636 – Remote Code Execution in Apache Camel via Case-Sensitive Header Filtering Bypass
2025-07-10 15:27
Offsec.com
1 CVE
Discover the critical Apache Camel vulnerability (CVE-2025-27636) that allows remote code execution via case-sensitive HTTP header manipulation in the exec component. Learn how attackers exploit this flaw and how to mitigate it. The post CVE-2025-27636 – Remo…
CISA Adds One Known Exploited Vulnerability to Catalog
2025-07-10 12:00
Cisa.gov
1 CVE
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-5777 Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability These types of vulner…
ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs
2025-07-10 07:24
Internet
1 CVE
A high-severity security flaw has been disclosed in ServiceNow's platform that, if successfully exploited, could result in data exposure and exfiltration. The vulnerability, tracked as CVE-2025-3648 (CVSS score: 8.2), has been described as a case of data infe…
PAN-SA-2025-0013 Chromium: Monthly Vulnerability Update (July 2025) (Severity: HIGH)
2025-07-09 16:00
Paloaltonetworks.com
1 CVE
Related content: PAN-SA-2025-0003 Informational: PAN-OS BIOS and Bootloader Security Bulletin (Severity: INFORMATIONAL) CVE-2025-0138 Prisma Cloud Compute Edition: Insufficient Session Expiration Vulnerability in the Web Interface (Severity: LOW) CVE-2025-423…
CVE-2025-0140 GlobalProtect App: Non Admin User Can Disable the GlobalProtect App (Severity: MEDIUM)
2025-07-09 16:00
Paloaltonetworks.com
3 CVEs
Related content: PAN-SA-2025-0013 Chromium: Monthly Vulnerability Update (July 2025) (Severity: HIGH) CVE-2025-0135 GlobalProtect App on macOS: Non Admin User Can Disable the GlobalProtect App (Severity: LOW) CVE-2025-4230 PAN-OS: Authenticated Admin Command …
CVE-2025-0139 Autonomous Digital Experience Manager: Privilege Escalation (PE) Vulnerability (Severity: LOW)
2025-07-09 16:00
Paloaltonetworks.com
3 CVEs
Related content: PAN-SA-2025-0013 Chromium: Monthly Vulnerability Update (July 2025) (Severity: HIGH) CVE-2025-0135 GlobalProtect App on macOS: Non Admin User Can Disable the GlobalProtect App (Severity: LOW) CVE-2025-4230 PAN-OS: Authenticated Admin Command …
July 2025 (Microsoft, 2025.07.08)
2025-07-09 15:00
Ryukoku.ac.jp
1 CVE
Microsoft 2025.07: 130 Microsoft CVE + 10 non-MS CVE. critical (14): AMD L1 Data Queue CVE-2025-36357, AMD Store Queue CVE-2025-36350, Azure Monitor Agent CVE-2025-47988, Capability Access Management Service (camsvc) …
Microsoft Patch Tuesday: One Zero-Day and A Potential 'Wormable' Flaw
2025-07-09 12:15
Infosecurity Magazine
1 CVE
CVE-2025-47981 has the “unfortunate hallmarks of becoming a significant problem,” said WatchTowr’s CEO