Please turn on your JavaScript for this page to function normally.
Lanscope Endpoint Manager
Lanscope Endpoint Manager vulnerability exploited in zero-day attacks (CVE-2025-61932)

CVE-2025-61932, an “improper verification of source of a communication channel” vulnerability affecting Lanscope Endpoint Manager, has been exploited as a zero-day …

Cisco
Hackers used Cisco zero-day to plant rootkits on network switches (CVE-2025-20352)

Threat actors have leveraged a recently patched IOS/IOS XE vulnerability (CVE-2025-20352) to deploy Linux rootkits on vulnerable Cisco network devices. “The operation …

SAP
SAP zero-day wake-up call: Why ERP systems need a unified defense

In this Help Net Security video, Paul Laudanski, Director of Research at Onapsis, discusses key lessons from the SAP zero-day vulnerability. He explains why business-critical …

CentreStack
Attackers are exploiting Gladinet CentreStack, Triofox vulnerability with no patch (CVE-2025-11371)

CVE-2025-11371, an unauthenticated Local File Inclusion vulnerability in Gladinet CentreStack and Triofox file-sharing and remote access platforms, is being exploited by …

Cisco
Too many Cisco ASA firewalls still unsecure despite zero-day attack alerts

Despite Cisco and various cybersecurity agencies warning about attackers actively exploting zero-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362) in Cisco Adaptive …

Fortra GoAnywhere
Attackers exploited critical Fortra GoAnywhere flaw in zero-day attacks (CVE-2025-10035)

CVE-2025-10035, a perfect CVSS 10.0 vulnerability in the Fortra GoAnywhere managed file transfer solution, has apparently been exploited in zero-day attacks before the patch …

Cisco
Cisco ASA zero-day vulnerabilities exploited in sophisticated attacks

A widespread campaign aimed at breaching organizations via zero-day vulnerabilities in Cisco Adaptive Security Appliances (ASA) has been revealed by the US, UK, Canadian and …

Cisco
Cisco fixes IOS/IOS XE zero-day exploited by attackers (CVE-2025-20352)

Cisco has fixed 14 vulnerabilities in IOS and IOS XE software, among them CVE-2025-20352, a high-severity vulnerability that has been exploited in zero-day attacks. About …

email
Libraesva ESG zero-day vulnerability exploited by attackers (CVE-2025-59689)

Suspected state-sponsored attackers have exploited a zero-day vulnerability (CVE-2025-59689) in the Libraesva Email Security Gateway (ESG), the Italian email security company …

Google Chrome
Google fixes actively exploited Chrome zero-day vulnerability (CVE-2025-10585)

Google has released a security update for the Chrome stable channel to fix a zero‑day vulnerability (CVE-2025-10585) reported by its Threat Analysis Group (TAG) on Tuesday. …

Sitecore
Sitecore zero-day vulnerability exploited by attackers (CVE-2025-53690)

A threat actor is leveraging a zero-day vulnerability (CVE-2025-53690) and an exposed sample ASP.NET machine key to breach internet-facing, on-premises deployments of several …

Netscaler
NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775) – updated!

Three new vulnerabilities affecting (Citrix) NetScaler application delivery controller (ADC) and Gateway devices have been made public, one of which (CVE-2025-7775) has been …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools