🚨 Critical GeoServer RCE Vulnerability Exposes Thousands of Servers
#GeoServer #CVE202436401 #CyberSecurity #RemoteCodeExecution #Infosec #DataProtection #PatchNow #WardenShield
Critical security flaws discovered in VMware core products including vCenter Server and ESXi. Vulnerabilities could allow command execution and service disruption. Updates available now to protect your infrastructure.
#SecurityLand #CyberWatch #Broadcom #VMware #Vulnerability #PatchNow #SecurityVulnerability #Technology
🚨 Firefox just patched 2 critical zero-days exploited at #Pwn2Own Berlin! 🦊💻 Hackers earned $100K for finding flaws that could expose sensitive data or enable code execution. Users are urged to update ASAP for protection! 🔒 Read more: https://thehackernews.com/2025/05/firefox-patches-2-zero-days-exploited.html #CyberSecurity #ZeroDay #Firefox #PatchNow #newz
Urgent: VMware Tools vulnerability (CVE-2025-22247) allows VM tampering; update to 12.5.2 immediately. #VMware #Vulnerability #PatchNow
More details: https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25683 - https://www.flagthis.com/news/14930
It's PatchDay again!
5 (!) exploited zero-days fixed.
Update!
#Windows #microsoft #PatchNOW #patchdayMai2025 #FediLZ
SonicWall just patched 3 serious SMA 100 flaws. If chained, they grant root RCE. One (CVE-2025-32819) bypasses an old patch and could be an active zero-day. Update to 10.2.1.15-81sv fast. #SonicWall #CyberSecurity #PatchNow
Critical Android zero-day vulnerability (CVE-2025-27363) patched; update your devices now! #AndroidSecurity #ZeroDay #PatchNow
More details: https://cyberscoop.com/android-security-update-may-2025 - https://www.flagthis.com/news/14567
Alright, SysAid, SysAid, SysAid... that name definitely rings a bell, doesn't it? 😅 Another RCE? And it's Pre-Auth? Sounds like a field day for us pentesters, but probably a major headache for all you admins out there! We're talking XXE Injections, SSRF, and even admin passwords just sitting there in plaintext – the whole nine yards. 🤦‍♂️
Seriously, plaintext passwords in a `.cmd` file? Oof. That's not just a red flag; that's a blaring siren! 🚨 You absolutely need to get your SysAid installations patched up to 24.4.60 b16! And do it ASAP! ☝️
Now, automated scans? They're pretty handy, sure, but they're no substitute for a pair of experienced human eyes. Especially when you're dealing with chained exploits, 'cause those can be super tricky. And let's not forget, Cl0p has had SysAid in their crosshairs before! 💀 We don't want a repeat performance.
So, spill the beans: Are you running SysAid? Have you managed to get it updated yet? And what's your strategy for keeping XXE at bay? Curious to hear your thoughts! 🤔
Heads up SonicWall SMA100 admins: Two patched vulns CVE-2023-44221/CVE-2024-38475 are actively exploited in the wild. Attackers chain them for system access. Update ASAP & check for suspicious activity.
Alright folks, heads up! CISA just added two vulnerabilities to their actively exploited list: one in Brocade Fabric OS (CVE-2025-1976) and another in Commvault Web Server (CVE-2025-3928). 💥
What's the takeaway? Patch these ASAP! Seriously, don't delay, because leaving these unpatched basically rolls out the red carpet for attackers.
We're talking nasty code injection possibilities with the Brocade flaw, and equally unwelcome web shell access via the Commvault issue. Definitely not something you want to deal with. 😅
So, the big question: have you already checked if your systems are potentially exposed? Better safe than sorry!
#Cybersecurity #InfoSec #PatchNow #VulnerabilityManagement #CVE
🚨 Critical router warning for ASUS users
ASUS has disclosed a major vulnerability in routers running AiCloud, urging immediate patching to prevent remote code execution risks.
- Tracked as CVE-2025-2492
- CVSS score: 9.2 (critical)
- Affected firmware series: 3.0.0.4_382, 3.0.0.4_386, 3.0.0.4_388, 3.0.0.6_102
- Exploitable via a crafted request
If unpatched, this flaw could allow attackers to take control of affected routers remotely — exposing networks to further compromise.
ASUS has released firmware fixes and offered urgent advice:
- Update your router firmware from the official support site
- Use strong, unique passwords for Wi-Fi and router admin
- Disable AiCloud and all remote-access features if patching is not immediately possible
This issue does not affect general ASUS hardware — it is limited to certain router firmware versions with AiCloud enabled. But the severity of the bug makes it essential to act fast.
Cyber hygiene starts at the network level. A vulnerable router could be the weakest link in an otherwise secure setup.
🛡️ Always keep firmware up to date
🔒 Avoid using default or repeated passwords
🌐 Disable unnecessary services from WAN access
#Cybersecurity #ASUS #RouterSecurity #PatchNow #NetworkSecurity
Heads up, security folks!
There’s a fresh CVE out in the wild—CVE-2025-24054—and it’s not messing around.
This one abuses Windows .library-ms files to sneakily leak your NTLMv2 hashes. Just previewing a malicious file could trigger it—no clicks needed. Yep, that easy for attackers to get their foot in the door.
The kicker? It’s already being exploited in the wild, just days after Microsoft’s patch dropped in March. First targets were spotted in Poland and Romania, but we all know these things don’t stay local for long.
What to do:
• Patch now (if you haven’t already).
• Block suspicious SMB traffic.
• Rethink NTLM—disable it where you can.
Full breakdown from Check Point here:
https://research.checkpoint.com/2025/cve-2025-24054-ntlm-exploit-in-the-wild/
#CyberSecurity #Infosec #Windows #NTLM #CVE202524054 #BlueTeam #PatchNow
🚨 Cyber gaps are leaving doors wide open!
🔓 84% of orgs were breached—yet many delay patching and rely on weak scans.
🛑 Compliance ≠ security.
It’s time to get proactive about cyber resilience.
#CyberSecurity #VulnerabilityManagement #InfoSec #PatchNow
👉 https://www.darkreading.com/cyberattacks-data-breaches/cybersecurity-gaps-leave-doors-wide-open
A critical vulnerability in Windows File Explorer (CVE-2025-24071) could lead to network hijacking. Patch your systems immediately with the latest Microsoft updates!
#SecurityLand #CyberWatch #WindowsSecurity #Vulnerability #Cybersecurity #PatchNow
A critical vulnerability was recently discovered in the MegaRAC Baseboard Management Controller (BMC) software from American Megatrends International (AMI), which is used in servers from vendors such as HPE, Asus and ASRock.
**Vulnerability description:**
The vulnerability, assigned the identifier CVE-2024-54085, allows remote unauthenticated attackers to gain full control over vulnerable servers. The attack can be carried out through remote management interfaces such as Redfish and requires neither advanced technical skills nor user interaction.
**Possible consequences of exploitation:**
- Remote control of the server, including deployment of malware or ransomware.
- Firmware modification, which can damage motherboard components such as the BMC or BIOS/UEFI.
- Physical damage to the server, for example by creating over-voltage conditions or endless reboot loops that cannot be stopped without physical intervention.
**Recommendations:**
Administrators and server owners are advised to:
- Restrict access to remote management interfaces (for example, Redfish) to trusted networks only.
- Regularly update BMC firmware to the latest versions containing security fixes.
- Monitor network traffic for suspicious activity related to the BMC.
For more information and technical details, see the full report from Eclypsium.
**Bleeping Computer** – *Critical AMI MegaRAC bug can let attackers hijack, brick servers*
Source
**Eclypsium** – Research on the MegaRAC BMC vulnerability (official report)
Source
**NIST National Vulnerability Database (NVD)** – Entry for CVE-2024-54085
Source
**Hewlett Packard Enterprise (HPE) Security Advisories** – Security notices for server products
Source
**Asus and ASRock Security Bulletins** – Information on the vulnerability in server motherboards
Source (Asus)
Source (ASRock)
**Recommendations for protecting against the AMI MegaRAC vulnerability (CVE-2024-54085)**
**Firmware update** – Immediately check the BMC firmware and update it to the latest version containing the fixes.
**Access restriction** – Disconnect remote management interfaces (Redfish, IPMI) from external networks and restrict access to trusted IP addresses only.
**Activity monitoring** – Set up logging and monitoring of unauthorized access attempts against the BMC.
**Network segmentation** – Place the BMC in a separate, isolated network that is not reachable from the internet.
**Use of a VPN** – If remote access to the BMC is required, use a secure connection over a VPN.
**Strong authentication** – Enable two-factor authentication (2FA) and change default passwords.
**Audit of vulnerable devices** – Review the list of servers in the infrastructure that use MegaRAC BMC and assess their exposure.
**Hashtags**
#CyberSecurity #Infosec #CVE202454085 #MegaRAC #BMC #ServerSecurity #Vulnerability #DataProtection #Redfish #ITSecurity #PatchNOW
Meta Alerts Users About Actively Exploited Freetype Vulnerability
#CyberSecurity #FreeType #CVE2025 #OpenSourceSecurity #SoftwareVulnerabilities #SecurityAlert #Meta #PatchNow
The US agency CISA has recently updated its Known Exploited Vulnerabilities (KEV) Catalog, adding several new vulnerabilities that have been actively exploited by cybercriminals. https://www.monkeyslab.cl/2025/02/05/cisa-actualiza-el-catalogo-de-kev-con-vulnerabilidades-de-alta-gravedad-parche-ahora/ #cybersecurity #PatchNow
⚠️ #WARN Severe #RealityFault. #AlternativeReality encountered. #TruthMissing.
⛔ #FAULT #Newspeak #AI recursion. #Realspeak correction route 404_NOT_FOUND. Call #OrwellSupport for patch to #SocietySystems
♾️ INFO #Orwell #HealthSupport. We invert it to make it #right. From #Skynet to #Peopleverse we serve #YOU. Please dial #CriticalThinking101 for our #WickedSolution #DeliveryService
♾️ INFO Insert Realspeak #patchNOW and #Reboot
New on the blog:
TYPO3 security updates released
https://wwagner.net/blog/a/typo3-security-updates-erschienen