BURST

stories tagged with

#VulnerabilityNews

Fortinet FortiSIEM Command Injection Vulnerability (CVE-2025-25256) – Technical Details Revealed

Cyber Security News

7h ago 5m read

Cisco Secure Firewall Snort 3 Detection Engine Vulnerability Enables DoS Attacks

Cyber Security News

Fri

CVE-2025-8088 – WinRAR 0-Day Path Traversal Vulnerability Exploited to Execute Malware

Cyber Security News

Fri

New HTTP/2 MadeYouReset Vulnerability Enables Large-Scale DDoS Attacks

Cyber Security News

Fri

Cisco Secure Firewall Vulnerability Allows Hackers to Inject Remote Shell Command Injection

Cyber Security News

Fri

Apache Tomcat Vulnerabilities Let Attackers Trigger Dos Attack

Cyber Security News

Thu

Xerox FreeFlow Core Vulnerability Let Remote Attackers Execute Malicious Code – PoC Released

Cyber Security News

Thu

CISA Warns of N-able N-Central Deserialization and Injection Vulnerability Exploited in Attacks

Cyber Security News

Thu

Breaking Windows Out-of-Box-Experience to Gain Command Line Access With Admin Privileges

Cyber Security News

Thu

Microsoft Exchange Server Vulnerabilities Let Attackers Spoof and Tamper Over Network

Cyber Security News

Thu

GitHub Copilot RCE Vulnerability via Prompt Injection Leads to Full System Compromise

Cyber Security News

Thu

Multiple GitLab Vulnerabilities Enables Account Takeover and Stored XSS Exploitation

Cyber Security News

Thu

Microsoft Office Vulnerabilities Let Attackers Execute Malicious Code Remotely

Cyber Security News

Wed

FortiWeb Authentication Bypass Vulnerability Let Attackers Log in As Any Existing User

Cyber Security News

Wed

Windows Remote Desktop Services Vulnerability Let Attacker Deny Services Over Network

Cyber Security News

Wed

New Windows 0-Click NTLM Credential Leakage Vulnerability Bypasses Microsoft’s Patch

Cyber Security News

Wed

FortiOS, FortiProxy, and FortiPAM Auth Bypass Vulnerability Allows Attackers to Gain Full Control

Cyber Security News

Wed

Multiple Chrome High-Severity Vulnerabilities Let Attackers Execute Arbitrary Code

Cyber Security News

Wed

Microsoft Teams RCE Vulnerability Let Attackers Read, Write and Delete Messages

Cyber Security News

Tue

17,000+ VMware ESXi Servers Vulnerable to Critical Integer-Overflow Vulnerability

Cyber Security News

Tue

Critical Zoom Clients for Windows Vulnerability Lets Attackers Escalate Privileges

Cyber Security News

Tue 3m read

Ivanti Connect Secure, Policy Secure and ZTA Vulnerabilities Let Attackers Trigger DoS Attack

Cyber Security News

Tue 3m read

7000+ Citrix NetScaler Devices Still Vulnerable to CVE-2025-5777 and CVE-2025-6543

Cyber Security News

Tue 4m read

SAP Security Patch Day – 15 Vulnerabilities Patched including 3 Critical Injection Vulnerabilities

Cyber Security News

Tue 6m read

Critical Vulnerability in Carmaker Portal Let Hackers Unlock the Car Remotely

Cyber Security News

Tue 3m read

Apache bRPC Vulnerability Allows Attackers to Crash the Service via Network

Cyber Security News

Tue 3m read

Smart Bus Systems Vulnerability Let Hackers Remotely Track and Control Vehicles

Cyber Security News

Tue 3m read

Linux Legitimate System Behaviours Weaponized to Harvest Secrets from Shared Environments

Cyber Security News

Tue 3m read

Hackers Weaponized Linux Webcams as Attack Tools to Inject Keystrokes and Launch Attacks

Cyber Security News

Mon

Critical Vulnerabilities Uncovered in Zero Trust Network Access Products of Check Point, Zscaler, and NetSkope

Cyber Security News

Mon

Xerox FreeFlow Vulnerabilities leads to SSRF and RCE Attacks

Cyber Security News

Mon

SSHamble – New Open Source Tool to Exploit Vulnerabilities in SSH Protocol

Cyber Security News

Mon

WinRAR 0-Day in Phishing Attacks to Deploy RomCom Malware

Cyber Security News

Mon

GPT-5 Jailbreaked With Echo Chamber and Storytelling Attacks

Cyber Security News

Mon

7-Zip Arbitrary File Write Vulnerability Allows Attackers to Execute Code

Cyber Security News

Mon

New ‘Win-DoS’ Zero-Click Vulnerabilities Turns Windows Server/Endpoint, Domain Controllers Into DDoS Botnet

Cyber Security News

Sun

ChatGPT Connectors ‘0-click’ Vulnerability Let Attackers Exfiltrate Data From Google Drive

Cyber Security News

Sat 5m read

28,000+ Microsoft Exchange Servers Vulnerable to CVE-2025-53786 Exposed Online

Cyber Security News

Sat 3m read

ECScape: Exploiting ECS Protocol on EC2 to Exfiltrate Cross-Task IAM and Execution Role Credentials

Cyber Security News

Aug 8 4m read

CISA Releases Emergency Advisory Urges Feds to Patch Exchange Server Vulnerability by Monday

Cyber Security News

Aug 8 4m read

New Ghost Calls Attack Abuses Web Conferencing for Covert Command & Control

Cyber Security News

Aug 7

New Active Directory Lateral Movement Techniques that Bypasses Authentication and Exfiltrate Data

Cyber Security News

Aug 7

HTTP/1.1 Fatal Vulnerability Exposes Millions of Websites to Hostile Takeover

Cyber Security News

Aug 7

Gemini Exploited via Prompt Injection in Google Calendar Invite to Steal Emails, and Control Smart Devices

Cyber Security News

Aug 7

New Microsoft Exchange Server Vulnerability Enables Attackers to Gain Admin Privileges

Cyber Security News

Aug 7

Rockwell Arena Simulation Vulnerabilities Let Attackers Execute Malicious Code Remotely

Cyber Security News

Aug 6

Akira Ransomware Uses Windows Drivers to Bypass AV/EDR in SonicWall Attacks

Cyber Security News

Aug 6

Critical Trend Micro Apex One Management RCE Vulnerability Actively Exploited in the wild

Cyber Security News

Aug 6

New MCPoison Attack Leverages Cursor IDE MCP Validation to Execute Arbitrary System Commands

Cyber Security News

Aug 5

New Streamlit Vulnerability Allows Hackers to Launch Cloud Account Takeover Attacks

Cyber Security News

Aug 5

SonicWall Warns of Escalating Cyberattacks Targeting Gen 7 Firewalls in Last 72 Hours

Cyber Security News

Aug 5 3m read

Critical Android System Component Vulnerability Allows Remote Code Execution Without User Interaction

Cyber Security News

Aug 5

WAFs protection Bypassed to Execute XSS Payloads Using JS Injection with Parameter Pollution

Cyber Security News

Aug 5

Claude Vulnerabilities Let Attackers Execute Unauthorized Commands With its Own Help

Cyber Security News

Aug 4

New LegalPwn Attack Exploits Gemini, ChatGPT and other AI Tools into Executing Malicious Code via Disclaimers

Cyber Security News

Aug 4

FUJIFILM Printers Vulnerability Let Attackers Trigger DoS Condition

Cyber Security News

Aug 4

Researchers Exploited Google kernelCTF Instances And Debian 12 With A 0-Day

Cyber Security News

Aug 4

Critical HashiCorp Vulnerability Let Attackers Execute Arbitrary Code on Underlying Host

Cyber Security News

Aug 4

NestJS Framework Vulnerability Let Attackers Execute Arbitrary Code in Developers Machine

Cyber Security News

Aug 4

SonicWall Firewall Devices 0-day Vulnerability Actively Exploited by Akira Ransomware

Cyber Security News

Aug 2 3m read

ChatGPT Creates Working Exploit for CVE’s Before Public PoCs Released

Cyber Security News

Apr 23