vulnerabilities

| Software | Mar 21, 2025

A new Veeam backup vulnerability? Let's patch with a similar fix as before

A person applies two plasters to an elbow. Veamm was criticised by security researchers for the patch used for its backup vulnerabilities

A CVSS rated 9.9 vulnerability needs an urgent fix - but is it sufficient?

vmware | Mar 04, 2025

VMware: Critical “VM escape” zero days exploited in wild

"There are no other meaningful workarounds that do not involve updating and restarting..."

Security | Feb 19, 2025

Critical SonicWall SSLVPN authentication bypass exploited in the wild

Bug lets attackers to bypass even accounts with multi-factor authentication enabled.

Patch Tuesday | Feb 11, 2025

Patch Tuesday: A “wormable” LDAP bug and two EOP zero days fixed

Lighter than last month, mercifully, but still some urgent fixes.

Security | Feb 06, 2025

.NET bug being exploited in the wild

".NET Remoting is still around. Even where developers might not expect it such as in ASP.NET web applications, both on-premises and on Azure"

Security | Jan 27, 2025

SonicWall zero day confirmed exploited in the wild

Affected devices “designed as an advanced secure access gateway for medium enterprises, multi-national corporations and managed security service providers (MSSPs.)”

Security | Jan 14, 2025

Fortinet zero day confirmed. CVE allocated. Attackers tunnelling...

Authentication bypass to super admin. Gulp.

| Security | Jan 10, 2025

Ivanti zero day: 2,000 exposed; Anti-forensics draw attention

Factory reset devices after threat hunting even if NO compromise detected says CISA

Security | Jan 09, 2025

Ivanti zero day exploited in the wild - attacks started mid-December

Previously unseen malware being deployed, and UK's NCSC is "investigating cases of active exploitation affecting UK networks"

document.currentScript.parentNode.innerHTML = (parseInt(document.currentScript.closest('.iteration-container').dataset.length)).toString();