Technology ❯ Cybersecurity ❯ Threats

Exploitation

Remote Code Execution Remote Attacks Privilege Escalation Patches Path Traversal CVE-2025-32433 Attack Vectors Code Injection CISA Vulnerabilities Catalog Patching Cyber Espionage In-the-Wild Exploitation Proof of Concept Active Exploitation Remote Access Deserialization Vulnerabilities Unauthorized Access Common Vulnerabilities Authentication Bypass Malicious Payloads CVE-2025-58034 OS Command Injection CVE-2025-9242 Fortinet FortiWeb Vulnerabilities Remote Code Execution Vulnerabilities User Interaction

CISA Flags Actively Exploited WatchGuard Firebox RCE as Patches and IoCs Roll Out

CISA has added the flaw to its exploited-vulnerabilities catalog, setting a December 26 federal patch deadline.

Apple, Google Rush Patches as CISA Flags WebKit Zero‑Day Exploits

JPCERT Confirms Active Exploitation of Array Networks AG Gateways via DesktopDirect Flaw

WordPress King Addons Flaw Actively Exploited to Create Admin Accounts

Fortinet Confirms Second FortiWeb Flaw Under Active Attack as CISA Demands Rapid Fixes

CISA Adds WatchGuard Firewall Remote Code Execution Flaw to KEV, Sets Dec. 3 Patching Deadline

Microsoft Reissues Emergency WSUS Patch as Exploits Spread and CISA Orders Federal Fix

WordPress Service Finder Sites Hit by Mass Exploits of Critical Authentication Bypass

Unity Discloses High-Severity Runtime Flaw, Urges Developers to Update Games and Apps

SolarWinds Ships Third Hotfix for Critical Web Help Desk RCE Bypass

Critical SAP S/4HANA CVE-2025-42957 Now Exploited in the Wild

Google Patches Two Exploited Android Zero-Days in Wide September Update

Cisco Urges Customers to Patch Critical RADIUS Flaw in Firewall Management Center

Trend Micro Releases Mitigation Tool for Critical Apex One Zero-Days

Active Zero-Day Exploit of WordPress Alone Theme Sees Over 120,000 Blocked Attempts

Proof-of-Concept Exploit Revealed for Critical Cisco ISE Vulnerabilities as CISA Sets August 18 Patch Deadline