SecurityWeek6d
Ivanti Warns of New Zero-Day Attacks Hitting Connect Secure Product
Ivanti confirms zero-day exploitation of a remotely exploitable code execution vulnerability (CVE-2025-0282) in its Connect ...
Infosecurity-magazine.com5d
Fancy Product Designer Plugin Flaws Expose WordPress Sites
Critical Fancy Product Designer plugin flaws risk remote code execution and SQL injection attacks on WordPress sites ...
Ars Technica1mon
Critical WordPress plugin vulnerability under active exploit threatens thousands
Thousands of sites running WordPress remain unpatched against a critical security flaw in a widely used plugin that was being actively exploited in attacks that allow for unauthenticated execution ...
CSOonline11d
Critical Windows LDAP flaw could lead to crashed servers, RCE attacks
Patch Tuesday server updates have not yet been installed, it’s time to do so to avoid DoS or RCE attacks on Active Directory ...
CSOonline6d
Critical Mitel, Oracle flaws find active exploitation, CISA urges patching
CISA added the flaws to its known vulnerability catalog, recommending swift patching pursuant to Binding Operational ...