Cisco Releases Fix for Actively Exploited Zero-day Vulnerability (CVE-2025-20393)

Cisco Talos discovered a cyberattack campaign targeting Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. Tracked as CVE-2025-20393, the vulnerability may allow an attacker to execute arbitrary commands with root privileges on the underlying operating system of targeted appliances. The vulnerability has a critical severity rating with a …

Apple Warns of Zero-day Vulnerability Exploited in Attack (CVE-2025-43529)

Apple issued security updates for iOS, iPadOS, macOS, and its Safari web browser to address a vulnerability being exploited in the wild. Tracked as CVE-2025-43529, the use-after-free vulnerability exists in WebKit. An attacker may trigger the vulnerability by getting a target to process maliciously crafted web content, leading to arbitrary code execution. The vulnerability was addressed with improved memory management. Apple is aware of active exploitation of this vulnerability in a highly sophisticated attack targeting specific, high-profile individuals on iOS versions before iOS 26.

React Server Components Multiple Vulnerabilities (CVE-2025-55184, CVE-2025-67779, & CVE-2025-55183)

React Server Components (RSC) are affected by two high-severity vulnerabilities and one medium-severity vulnerability, tracked as CVE-2025-55183, CVE-2025-55184, and CVE-2025-67779. CVE-2025-55184 and CVE-2025-67779 can lead to denial-of-service attacks, while CVE-2025-55183 exposes backend source code, potentially leaking API keys and other sensitive information.

CISA Warns Actively Exploited GeoServer Unauthenticated XML XXE Vulnerability (CVE-2025-58360)

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an OSGeo GeoServer vulnerability to its Known Exploited Vulnerabilities Catalog, acknowledging the active exploitation of the vulnerability. Tracked as CVE-2025-58360, the vulnerability has a high severity rating with a CVSS score of 8.2. Successful exploitation of the vulnerability may allow an attacker to retrieve arbitrary files from the server’s file system. GeoServer is an open-source server software written …

Fortinet Addresses Critical Vulnerabilities Impacting Multiple Fortinet Products (CVE-2025-59718 & CVE-2025-59719)

Fortinet has released fixes to address two critical vulnerabilities affecting FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager. Tracked as CVE-2025-59718 and CVE-2025-59719, both vulnerabilities have a CVSS score of 9.1. Successful exploitation of the vulnerabilities could result in improper access control.

Microsoft Patch Tuesday, December 2025 Security Update Review

As the year winds down, Microsoft Patch Tuesday in December arrives with essential fixes and enhancements to close vulnerabilities and boost performance. Here’s a quick breakdown of what you need to know. This month’s release addresses 72 vulnerabilities, including three critical and 55 important-severity vulnerabilities. In this month’s updates, Microsoft has addressed three zero-day vulnerabilities. One of them was exploited, and two were publicly disclosed. Microsoft has addressed 15 vulnerabilities in Microsoft Edge (Chromium-based) in this month’s updates.

React Server Components (RSC) Remote Code Execution Vulnerabilities

On December 3rd, 2025, React disclosed a critical remote code execution (RCE) vulnerability in React Server Components (RSC), tracked as CVE-2025-55182. Shortly after, a related vulnerability was confirmed in Next.js App Router, registered as CVE-2025-66478. Both issues were assigned a CVSS score of 10.0, indicating the highest severity level. CISA has acknowledged the vulnerability’s active …

Shai-Hulud 2.0 Supply Chain Attack Compromised Major Packages

A renewed and intensified npm supply chain attack campaign linked to the original Shai-Hulud malware is making headlines. This campaign, active from November 21 to 23, 2025, compromises popular npm packages from major publishers, including Maven, Zapier, ENS Domains, PostHog, and Postman. The attackers insert malicious code that executes during the npm package preinstall phase, …