Mirai-based botnets exploit CVE-2025-1316 zero-day in Edimax IP cameras

Mirai-based botnets are exploiting a zero-day flaw, tracked as CVE-2025-1316, in Edimax IP cameras, to achieve remote command execution. US CISA warns that multiple botnets are exploiting a recently disclosed vulnerability, tracked as CVE-2025-1316 (CVSS score of 9.8), in Edimax IC-7100 IP cameras. The issue is an Improper Neutralization of Special Elements used in an […]

WordPress Plugin Vulnerability Exposes 10,000 Sites to Code Execution Attacks

itsecuritynews.info - 05/Mar 15:04

A critical security flaw in the GiveWP Donation Plugin tracked as CVE-2025-0912, has exposed over 100,000 WordPress websites to unauthenticated remote...

U.S. CISA adds Microsoft Power Pages flaw to its Known Exploited Vulnerabilities catalog

securityaffairs.co - 23/Feb 15:07

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Power Pages vulnerability to its Known Exploited Vulnerabilities catalog....

CISA Warns of Microsoft Partner Center Access Control Vulnerability Exploited in Wild

itsecuritynews.info - 26/Feb 05:33

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent advisory on February 25, 2025, confirming that threat actors are...

Unpatched Edimax IP camera flaw actively exploited in botnet attacks

bleepingcomputer.com - 07/Mar 18:36

A critical command injection vulnerability impacting the Edimax IC-7100 IP camera is currently being exploited by botnet malware to compromise...

Elastic patches critical Kibana flaw allowing code execution

securityaffairs.co - 06/Mar 21:35

Elastic fixed a critical flaw in the Kibana data visualization dashboard software for Elasticsearch that could lead to arbitrary code execution....

Windows KDC Proxy RCE Vulnerability Allows Remote Server Takeover

itsecuritynews.info - 05/Mar 06:03

A recently patched remote code execution (RCE) vulnerability in Microsoft Windows’ Key Distribution Center (KDC) Proxy implementation allows...

Google Released PoC for CVE-2025-0110 PAN OS Flaw

thecyberthrone.in - 23/Feb 14:25

Google’s Project Zero and Mandiant cybersecurity teams have jointly released a proof-of-concept (PoC) exploit for a significant security...

PoC Exploit Released for F5 BIG-IP Command Injection Vulnerability

itsecuritynews.info - 24/Feb 05:32

Security researchers have disclosed critical details about CVE-2025-20029, a command injection vulnerability in F5’s BIG-IP Traffic Management...

VMware fixed three actively exploited zero-days in ESX products

securityaffairs.co - 04/Mar 23:39

Broadcom has addressed three VMware zero-day vulnerabilities in ESX products that are actively exploited in the wild. Broadcom released security...

CVE-2024-4577 impacts PHP and exploited in wild

thecyberthrone.in - 12:04

CVE-2024-4577 is a critical Remote Code Execution (RCE) vulnerability affecting PHP when running in CGI mode on Windows systems with Apache. This flaw...

Rubriques :