Security Awareness

F5 BIG-IP Source Code Breach Tied to Nation-State Hackers

A recent F5 BIG-IP source code breach has exposed proprietary data and undisclosed vulnerability information after threat actors gained long-term access to the company’s internal systems. The intrusion has been attributed to a highly sophisticated nation-state group, according to an SEC filing published on October 15, 2025. Scope and Impact of the Breach: F5 confirmed …

Attackers Exploiting Service Finder Bookings Authentication Bypass Vulnerability

A critical Service Finder Bookings authentication bypass vulnerability in the WordPress plugin is under active exploitation, with more than 13,800 attack attempts already blocked. The flaw, tracked as CVE-2025-5947, allows unauthenticated attackers to gain access to any user account, including those with administrator privileges. Background and Timeline: The vulnerability was first reported through a bug …

Redis Lua Use-After-Free Vulnerability May Lead to Remote Code Execution

A newly disclosed Redis Lua use-after-free vulnerability may allow remote code execution in Redis versions 8.2.1 and below, posing a serious security risk for users running unpatched instances. Description: Redis is an open-source, in-memory database that persists data on disk. Versions 8.2.1 and earlier allow an authenticated user to execute a specially crafted Lua script …

Palo Alto Networks Data Breach Linked to Stolen OAuth Tokens

A recent Palo Alto Networks data breach has exposed customer records and support cases after attackers exploited compromised OAuth tokens from the Salesloft Drift supply chain attack. How the Breach Happened: The attackers used stolen authentication tokens to access the company’s Salesforce CRM environment, exfiltrating data such as business contacts, account information, and case records. …

Salt Typhoon Edge Device Attacks Breach 600 Global Organizations

The China-linked APT group Salt Typhoon has carried out widespread cyber espionage campaigns, exploiting flaws in edge network devices to infiltrate more than 600 organizations across 80 countries. Global Targets of Salt Typhoon: According to a joint cybersecurity advisory backed by 13 nations, Salt Typhoon has been active since at least 2019, compromising telecommunications, government, …

Cisco FMC RADIUS Vulnerability Exposes Systems to Remote Code Execution

Cisco has issued urgent security patches for a critical Cisco FMC RADIUS vulnerability that received the maximum CVSS score of 10.0. The flaw, tracked as CVE-2025-20265, affects the RADIUS subsystem in Secure Firewall Management Center (FMC) Software and could let unauthenticated attackers execute arbitrary code remotely. Details of the Cisco FMC RADIUS Vulnerability: The vulnerability …

BadSuccessor Vulnerability in Windows Server 2025 Allows AD User Impersonation

A critical privilege escalation issue, known as the BadSuccessor vulnerability in Windows Server 2025, poses a significant threat to Active Directory (AD) environments. This flaw exploits the newly introduced delegated Managed Service Accounts (dMSAs) feature, enabling attackers to impersonate any AD user, including domain administrators, without altering existing accounts or group memberships. Understanding the BadSuccessor …

Authenticated Command Execution Flaw in VMware vCenter Server (CVE-2025-41225)

A critical vulnerability in VMware vCenter Server has been disclosed by VMware. Tracked as CVE-2025-41225, the flaw allows authenticated users to execute arbitrary system commands by leveraging the alarm script feature. The issue is classified as high severity and affects multiple VMware platforms. Vulnerability Summary: The VMware vCenter Server command execution vulnerability is caused by …

Authentication Bypass in FortiOS Affects TACACS+ Configurations

FortiOS authentication bypass vulnerabilities can expose critical infrastructure to administrative compromise. A newly disclosed flaw, CVE-2025-22252, affects multiple Fortinet products configured to use TACACS+ with ASCII authentication. The issue allows attackers to bypass login mechanisms and gain privileged access, putting entire network environments at risk. Vulnerability Summary: Affected Products and Versions: Fortinet confirms the following …

Windows RDP Buffer Overflow Enables Remote Code Execution

Microsoft’s May 2025 Patch Tuesday addressed two critical Windows RDP Buffer Overflow vulnerabilities, identified as CVE-2025-29966 and CVE-2025-29967. Both enable remote code execution over the network through heap memory corruption. Both flaws are classified under CWE-122: Heap-based Buffer Overflow. Affected Components: The vulnerabilities exist across multiple Windows OS versions that support RDP, including client and …
