Multiple security vulnerabilities affecting Sophos firewall products, with two enabling pre-authentication remote code execution that could allow attackers to compromise systems without valid credentials. The vulnerabilities, tracked as CVE-2025-6704, CVE-2025-7624, CVE-2025-7382, CVE-2024-13974, and CVE-2024-13973, impact various configurations of Sophos Firewall versions 21.5 GA and older, with automatic hotfixes already deployed to address the most severe […]
The post Critical Sophos Firewall Vulnerabilities Enables pre-auth Remote Code Execution appeared first on Cyber Security News.
This week’s cyber threat landscape is marked by the active exploitation of critical vulnerabilities and the rise of stealthy, socially […]
The post Weekly Threat Landscape Digest – Week 29 appeared first on HawkEye.
BitRaser launched its Integrated Mac Eraser and Diagnostics Tool, a software designed to streamline IT asset disposition (ITAD) processes. The tool allows ITAD providers to simultaneously perform secure data erasure and comprehensive hardware diagnostics on macOS devices, including both Apple M-series and Intel-based Macs. This integrated solution eliminates the inefficiencies of sequential processing for ITADs refurbishing Mac devices with Apple Silicon & Intel chips by enabling simultaneous data erasure and diagnostics. This parallel workflow significantly … More →
The post BitRaser secures data erasure on macOS devices appeared first on Help Net Security.
Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting vulnerabilities targeting internet-facing SharePoint servers. In addition, we have observed another China-based threat actor, tracked as Storm-2603, exploiting these vulnerabilities. Microsoft has released new comprehensive security updates for all supported versions of SharePoint Server (Subscription Edition, 2019, and 2016) that protect customers against these new vulnerabilities. Customers should apply these updates immediately to ensure they are protected.
The post Disrupting active exploitation of on-premises SharePoint vulnerabilities appeared first on Microsoft Security Blog.
Microsoft has observed two named Chinese nation-state actors, Linen Typhoon and Violet Typhoon, exploiting vulnerabilities targeting internet-facing SharePoint servers. In addition, we have observed another China-based threat actor, tracked as Storm-2603, exploiting these vulnerabilities. Microsoft has released new comprehensive security updates for all supported versions of SharePoint Server (Subscription Edition, 2019, and 2016) that protect customers against these new vulnerabilities. Customers should apply these updates immediately to ensure they are protected.
The post Disrupting active exploitation of on-premises SharePoint vulnerabilities appeared first on Microsoft Security Blog.
Cisco has issued an urgent security advisory warning that a set of critical remote code execution (RCE) vulnerabilities affecting its Identity Services Engine (ISE) and Passive Identity Connector (ISE-PIC) products are being actively exploited in the wild. The flaws, tracked as CVE-2025-20281, CVE-2025-20282, and CVE-2025-20337, carry the highest possible severity rating, with a CVSS base […]
The post Cisco Alerts on ISE RCE Vulnerability Actively Exploited appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.