New Critical Microsoft IE Zero-Day Exploits in Metasploit We've been noticing a lot of exploit activities against Microsoft vulnerabilities lately. We decided to look into some of these attacks, and released two modules for CVE-2012-1889 [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-20...
Read about the latest risks regarding Vulnerabilities and exploits, and find helpful solutions from the digital security experts at Microsoft Security Blog.
Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities ( KEV ) catalog after reports emerged of active exploitation in the wild. The vulnerability is a case of authentication bypass that could permit an unauthenticated attacker to take over susceptible instances. ...
"Unlike the common XSS attacks, UXSS is a type of attack that exploits client-side vulnerabilities in the browser or browser extensions in order to generate an XSS condition, and execute malicious code," CyberXplore researchers said in a write-up shared with The Hacker News. "When such ...
Microsoft recently rolled out a security update with Edge version 124.0.2478.97 in Stable Channel to fix two vulnerabilities.
Rapid7’s cybersecurity experts break down the latest vulnerabilities, exploits, and attacks. Detect threats faster with trusted news, insights & threat intel.
This update follows Apple's ongoing efforts to shore up security. Earlier in the year, it patched two other zero-day vulnerabilities, CVE-2025-24085 and CVE-2025-24200. The quick response demonstrates Apple's vigilance in addressing security threats and reducing the risk of further exploits. ...
Rapid7’s cybersecurity experts break down the latest vulnerabilities, exploits, and attacks. Detect threats faster with trusted news, insights & threat intel.
NOV 21,2024 SEVERITY: Critical Palo Alto Networks Management Interface Attack Type: Attack What is the Palo Alto Networks Management Interface Attack?Palo Alto Networks has recently disclosed two zero-day vulnerabilities, CVE-2024-0012 and CVE-2024-9474, affecting the PAN-OS Firewall and other pro...
Two of the active exploits are information disclosure vulnerabilities, both in Windows NTFS. CVE-2025-24984 allows bad actors with physical access to a device to read memory and steal data when a malicious USB drive is inserted, while CVE-2025-24991 is exploited when a user mounts a malicious...