Technology ❯ Cybersecurity ❯ Threats

Exploitation

Remote Code Execution Remote Attacks Privilege Escalation Remote Access Unauthorized Access Path Traversal CVE-2025-32433 Attack Vectors DNS Hijacking Code Injection CISA Vulnerabilities Catalog Patching Cyber Espionage In-the-Wild Exploitation Vulnerabilities Active Exploitation Deserialization Vulnerabilities Common Vulnerabilities Proof of Concept Malicious Payloads CVE-2025-58034 OS Command Injection CVE-2025-9242 Mitigation Strategies Fortinet FortiWeb CVE-2020-12812 Remote Exploitation HTTP Requests Malicious Accounts CVE-2024-37079 CVE-2025-59718 Authentication Bypass Remote Code Execution Vulnerabilities User Interaction Patches Authenticated Attacks

BeyondTrust Pre-Auth RCE Is Now Being Exploited in the Wild

Active exploitation tied to a public PoC puts unpatched on-premises appliances at immediate risk.

BeyondTrust Patches Critical Pre-Auth RCE in Remote Access Tools

Fortinet Begins Patching Actively Exploited FortiCloud SSO Bypass as CISA Sets Jan. 30 Deadline

CISA Warns VMware vCenter Flaw Is Under Attack, Sets Federal Patch Deadline

Fortinet Confirms FortiCloud SSO Bypass Hitting Fully Patched FortiGate Firewalls

Cisco Patches Actively Exploited RCE in Unified Communications and Webex Calling

ServiceNow Discloses and Patches Critical AI Platform Flaw Allowing User Impersonation

Critical 'Ni8mare' Flaw Exposes n8n Servers to Full Takeover as Scans Surge

Active Attacks Target Critical Vulnerability in Legacy D-Link DSL Routers

CERT/CC Discloses Unpatched TOTOLINK EX200 Flaw That Enables Root Telnet Takeover

CISA Orders Federal Agencies to Patch Actively Exploited MongoDB ‘MongoBleed’ Flaw

CISA Flags Actively Exploited WatchGuard Firebox RCE as Patches and IoCs Roll Out

Apple, Google Rush Patches as CISA Flags WebKit Zero‑Day Exploits

JPCERT Confirms Active Exploitation of Array Networks AG Gateways via DesktopDirect Flaw

WordPress King Addons Flaw Actively Exploited to Create Admin Accounts

Fortinet Confirms Second FortiWeb Flaw Under Active Attack as CISA Demands Rapid Fixes

CISA Adds WatchGuard Firewall Remote Code Execution Flaw to KEV, Sets Dec. 3 Patching Deadline

Microsoft Reissues Emergency WSUS Patch as Exploits Spread and CISA Orders Federal Fix

WordPress Service Finder Sites Hit by Mass Exploits of Critical Authentication Bypass

Unity Discloses High-Severity Runtime Flaw, Urges Developers to Update Games and Apps