EU Cybersecurity Agency ENISA Launches European Vulnerability Database

/in

Experts say the European Vulnerability Database, or EUVD, should be a good resource, but only if ENISA manages to maintain it properly.

The post EU Cybersecurity Agency ENISA Launches European Vulnerability Database appeared first on SecurityWeek.

SecurityWeek – ​Read More

Kosovar Administrator of Cybercrime Marketplace Extradited to US

/in

Kosovo citizen Liridon Masurica has appeared in a US court, facing charges for his role in operating the cybercrime marketplace BlackDB.cc.

The post Kosovar Administrator of Cybercrime Marketplace Extradited to US appeared first on SecurityWeek.

SecurityWeek – ​Read More

Vulnerabilities Patched by Juniper, VMware and Zoom 

/in

Juniper Networks, VMware, and Zoom have announced patches for dozens of vulnerabilities across their products.

The post Vulnerabilities Patched by Juniper, VMware and Zoom  appeared first on SecurityWeek.

SecurityWeek – ​Read More

North Korean IT Workers Are Being Exposed on a Massive Scale

/in

Security researchers are publishing 1,000 email addresses they claim are linked to North Korean IT worker scams that infiltrated Western companies—along with photos of men allegedly involved in the schemes.

Security Latest – ​Read More

Fortinet Patches Zero-Day Exploited Against FortiVoice Appliances

/in

Fortinet has patched a dozen vulnerabilities, including a critical flaw exploited in the wild against FortiVoice instances.

The post Fortinet Patches Zero-Day Exploited Against FortiVoice Appliances appeared first on SecurityWeek.

SecurityWeek – ​Read More

INE Security Alert: Continuous CVE Practice Closes Critical Gap Between Vulnerability Alerts and Effective Defense

/in

Cary, North Carolina, 14th May 2025, CyberNewsWire

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – ​Read More

Microsoft Fixes 78 Flaws, 5 Zero-Days Exploited; CVSS 10 Bug Impacts Azure DevOps Server

/in

Microsoft on Tuesday shipped fixes to address a total of 78 security flaws across its software lineup, including a set of five zero-days that have come under active exploitation in the wild.
Of the 78 flaws resolved by the tech giant, 11 are rated Critical, 66 are rated Important, and one is rated Low in severity. Twenty-eight of these vulnerabilities lead to remote code execution, 21 of them

The Hacker News – ​Read More

Ivanti Patches Two EPMM Zero-Days Exploited to Hack Customers

/in

Ivanti has released patches for two EPMM vulnerabilities that have been chained in the wild for remote code execution.

The post Ivanti Patches Two EPMM Zero-Days Exploited to Hack Customers appeared first on SecurityWeek.

SecurityWeek – ​Read More

ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Phoenix Contact 

/in

Industrial giants Siemens, Schneider Electric and Phoenix Contact have released ICS security advisories on the May 2025 Patch Tuesday.

The post ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Phoenix Contact  appeared first on SecurityWeek.

SecurityWeek – ​Read More

Ivanti Patches EPMM Vulnerabilities Exploited for Remote Code Execution in Limited Attacks

/in

Ivanti has released security updates to address two security flaws in Endpoint Manager Mobile (EPMM) software that have been chained in attacks to gain remote code execution.
The vulnerabilities in question are listed below –

CVE-2025-4427 (CVSS score: 5.3) – An authentication bypass in Ivanti Endpoint Manager Mobile allowing attackers to access protected resources without proper credentials

The Hacker News – ​Read More