Coverage
Vulnerabilities
754 articles on vulnerability disclosures and exploits
Advertisement
CVE-2025-13957: Hard-coded Credentials in Schneider EcoStruxure DCE
Hard-coded credentials in Schneider Electric EcoStruxure Data Center Expert v9.0 and prior (CVE-2025-13957) allow information disclosure and RCE if SOCKS Proxy is
Siemens SICAM SIAPP SDK RCE and DoS Vulnerabilities: Patch Guide
Siemens releases security updates for SICAM SIAPP SDK versions prior to 2.1.7 to address high-severity RCE, command injection, and buffer overflow flaws.
_Tithi_Luadthong_alamy.png?width=1280&auto=webp&quality=80&disable=upscale)
Warlock Ransomware: BYOVD Techniques and Post-Exploitation Analysis
The Warlock ransomware group has evolved its tactics, utilizing BYOVD techniques and stealthy cross-network activity to bypass EDR and security controls.
Hiding Malicious Commands from AI via Font-Rendering Manipulation
Learn how attackers use font-rendering tricks to bypass AI safety filters and execute prompt injection attacks against LLM-powered assistants.
Windows 11 24H2 Samsung Galaxy Book C: Drive Access Fix
Microsoft releases technical guidance to resolve C: drive access denied errors and application failures on Samsung Galaxy Book devices running Windows 11.
CVE-2025-47813: CISA Warns of Wing FTP Server Path Leakage Exploitation
CISA adds CVE-2025-47813 to its KEV catalog, highlighting active exploitation of a Wing FTP Server information disclosure flaw that leaks internal server paths.
CVE-2025-47813: Wing FTP Server Information Disclosure Added to KEV
CISA adds CVE-2025-47813 to the Known Exploited Vulnerabilities catalog, signaling active exploitation of Wing FTP Server. Immediate patching is required.
CVE-2024-50498: Wing FTP Server Exploited in RCE Chains — Patch Now
CISA adds CVE-2024-50498 to its KEV catalog after reports of active exploitation. Learn how to secure Wing FTP Server versions prior to 7.5.0 from RCE chains.
2025 Ransomware TTP Analysis: Virtualization and Data Theft Trends
Analysis of shifting ransomware TTPs in 2025, highlighting the surge in data theft extortion, virtualization targeting, and exploitation of edge vulnerabilities.
Oracle EBS Exploitation: Risks to Enterprise Financial Integrity
Analysis of the Oracle EBS hack affecting major corporations and the technical risks associated with unpatched ERP systems and financial data theft.
Chrome Zero-Days and Router Botnets: Weekly Threat Intel Recap
Analysis of the latest Chrome zero-day vulnerabilities, router botnet infrastructure risks, and AWS cloud security breaches from March 2026.
Windows 11 24H2 RRAS RCE: Microsoft Issues OOB Hotpatch Fix
Microsoft releases an out-of-band hotpatch for Windows 11 24H2 to address critical RRAS remote code execution vulnerabilities CVE-2024-43513 and CVE-2024-49053.