VulnCheck

NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775) – updated!
Three new vulnerabilities affecting (Citrix) NetScaler application delivery controller (ADC) and Gateway devices have been made public, one of which (CVE-2025-7775) has been …

Funding uncertainty may spell the end of MITRE’s CVE program
The future of the Common Vulnerabilities and Exposures (CVE) program hangs in the balance: MITRE, the not-for-profit US organization that runs it, could lose the US federal …

Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825)
Exploitation attempts targeting the CVE-2025-2825 vulnerability on internet-facing CrushFTP instances are happening, the Shadowserver Foundation has shared on Monday, and the …

Swap EOL Zyxel routers, upgrade Netgear ones!
There will be no patches for EOL Zyxel routers under attack via CVE-2024-40891, the company has confirmed. Meanwhile, Netgear has issued patches for critical flaws affecting …

Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891)
CVE-2024-40891, a command injection vulnerability in Zyxel CPE Series telecommunications devices that has yet to be fixed by the manufacturer, is being targeted by attackers, …

VulnCheck IP Intelligence identifies vulnerable internet-connected infrastructure
VulnCheck launched IP Intelligence, a new feature set designed to provide real-time tracking of attacker infrastructure and vulnerable IP’s on the internet. VulnCheck IP …

EOL Sophos firewalls get hotfix for old but still exploited vulnerability (CVE-2022-3236)
Over a year has passed since Sophos delivered patches for a vulnerability affecting Sophos Firewalls (CVE-2022-3236) that was being actively exploited by attackers, and now …

MikroTik vulnerability could be used to hijack 900,000 routers (CVE-2023-30799)
A privilege escalation vulnerability (CVE-2023-30799) could allow attackers to commandeer up to 900,000 MikroTik routers, says VulnCheck researcher Jacob Baines. While …
Featured news
Resources
Don't miss
- Can AI agents catch what your SOC misses?
- What the GitGuardian secrets sprawl report reveals about leaked credentials
- KillChainGraph: Researchers test machine learning framework for mapping attacker behavior
- AIDEFEND: Free AI defense framework
- Boards are being told to rethink their role in cybersecurity