Vulnerabilities | KITEFALL

Gigabyte UEFI Firmware Vulnerability Let Attackers Execute Arbitrary Code in the SMM Environment 2025-07-15 16:31 Cyber Security News
2.3 Million Times Downloaded LaRecipe Tool Vulnerability Let Attackers Take Full Control Of Servers 2025-07-15 16:30 Cyber Security News
Critical UEFI vulnerabilities found in Gigabyte motherboards — allow attackers to bypass Secure Boot and install firmware backdoors 2025-07-15 15:34 Tom's Hardware
An attacker using a $500 radio setup could potentially trigger train brake failures or derailments from a distance 2025-07-15 13:42 Security Affairs
Google is doubling down on cybersecurity using AI 2025-07-15 13:37 Android Central
Exploited Wing file transfer bug risks ‘total server compromise,’ CISA warns 2025-07-15 13:07 The Record
20-Year-Old Vulnerability Allows Hackers to Control Train Brakes 2025-07-15 12:05 Cyber Security News
Symantec Endpoint Management Suite Vulnerability Allows Malicious Code Execution Remotely 2025-07-15 12:04 Cyber Security News
CISA Warns of Wing FTP Server Vulnerability Actively Exploited in Attacks 2025-07-15 12:04 Cyber Security News
PoC Exploit Released for High-Severity Git CLI Arbitrary File Write Vulnerability 2025-07-15 12:04 Cyber Security News
CISA Issues Alert on Actively Exploited Wing FTP Server Vulnerability 2025-07-15 12:01 GBHackers
CISA Flags Remote Linking Protocol Flaws Allowing Attackers to Hijack Train Brake Systems 2025-07-15 12:01 GBHackers
Critical RCE Vulnerability Found in Symantec Endpoint Management Platform 2025-07-15 12:01 GBHackers
ImageMagick Vulnerability Enables RCE via Malicious File Name Patterns 2025-07-15 12:00 GBHackers
PoC Released for High-Severity Git CLI Vulnerability Allowing Arbitrary File Writes 2025-07-15 12:00 GBHackers
LaRecipe Tool with 2.3M Downloads Found Vulnerable to Full Server Takeover 2025-07-15 11:59 GBHackers
Windows 11 flaw lets hackers bypass Secure Boot protections 2025-07-15 08:09 Fox News
Security vulnerability on U.S. trains that let anyone activate the brakes on the rear car was known for 13 years — operators refused to fix the issue until now 2025-07-13 12:29 Tom's Hardware
Fortinet FortiWeb Fabric Connector Flaw Enables Remote Code Execution 2025-07-13 10:04 GBHackers
Over 600 Laravel Apps Exposed to Remote Code Execution Due to Leaked APP_KEYs on GitHub 2025-07-12 12:45 The Hacker News
Google fixes another Chrome security flaw being actively exploited 2025-07-11 18:00 Fox News
AMD Warns of Transient Scheduler Attacks Affecting Wide Range of Chipsets 2025-07-11 14:50 Cyber Security News
Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257) 2025-07-11 14:38 The Hacker News
Critical Wing FTP Server vulnerability exploited in the wild (CVE-2025-47812) 2025-07-11 13:14 Help Net Security
PerfektBlue Bluetooth Vulnerabilities Expose Millions of Vehicles to Remote Code Execution 2025-07-11 12:10 The Hacker News
Critical Wing FTP Server Vulnerability (CVE-2025-47812) Actively Being Exploited in the Wild 2025-07-11 10:58 The Hacker News
Ruckus Networks security flaws left unpatched, putting thousands of devices at risk 2025-07-11 10:46 TechRadar Pro
Hackers Actively Exploiting CitrixBleed 2 Vulnerability in the Wild 2025-07-11 09:42 Cyber Security News
CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises 2025-07-11 09:02 The Hacker News
Critical D-Link Vulnerability Lets Remote Attackers Crash Servers Without Authentication 2025-07-11 07:49 GBHackers
Laravel APP_KEY Flaw Exploited to Trigger Remote Code Execution on Hundreds of Apps 2025-07-11 07:27 GBHackers
Palo Alto Networks GlobalProtect Vulnerability Enabling Root-Level Access 2025-07-11 07:27 GBHackers
Juniper Junos OS Flaw Allows Attackers to Cause Denial of Service 2025-07-11 07:27 GBHackers
Git Regression Security Fix 2025-07-11 05:30 Linux Security
Schneider Electric Flaws Expose Systems to OS Command Injection Attacks 2025-07-11 01:34 GBHackers
Multiple Schneider Electric Vulnerabilities Let Attackers Inject OS Commands 2025-07-11 00:47 Cyber Security News
Breach Roundup: I'm Lovin' McDonald's '123456' Password 2025-07-11 00:30 Bank Information Security - New Jersey
Critical mcp-remote Vulnerability Exposes LLM Clients to Remote Code Execution Attacks 2025-07-10 20:37 Cyber Security News
Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads 2025-07-10 20:14 The Hacker News
Race condition in nopCommerce gift cards enables repeated use 2025-07-10 19:18 SecurityBrief
Ruckus network management solutions riddled with unpatched vulnerabilities 2025-07-10 18:11 Help Net Security
GitLab Vulnerabilities Allow Execution of Malicious Actions via Content Injection 2025-07-10 17:22 GBHackers
Critical Ruckus Wireless Flaws Threaten Enterprise Wi‑Fi Security 2025-07-10 17:22 GBHackers
Critical Bluetooth Protocol Vulnerabilities Expose Devices to RCE Attacks 2025-07-10 17:22 GBHackers
Critical Ruckus Wireless Vulnerabilities Exposes Enterprise Wireless Networks 2025-07-10 16:41 Cyber Security News
GitLab Vulnerabilities Let Attackers Execute Actions by Injecting Malicious Content 2025-07-10 16:41 Cyber Security News
Critical Linux Kernel’ Double Free Vulnerability Let Attackers Escalate Privileges 2025-07-10 16:41 Cyber Security News
Hackers Exploit GeoServer RCE Flaw to Deploy Cryptocurrency Miners 2025-07-10 16:37 GBHackers
CISA Warns ValveLink Products May Expose Sensitive System Information 2025-07-10 16:37 GBHackers
ServiceNow Platform Vulnerability Enables Attackers to Exfiltrate Sensitive Data 2025-07-10 16:37 GBHackers
Microsoft Patches 137 CVEs in July, but No Zero-Days 2025-07-10 16:28 Dark Reading
AMD Warns of New Transient Scheduler Attacks Impacting a Wide Range of CPUs 2025-07-10 16:13 The Hacker News
Hackers Exploiting GeoServer RCE Vulnerability to Deploy CoinMiner 2025-07-10 14:45 Cyber Security News
AMD warns worrying new Spectre, Meltdown-esque flaw could affect top CPUs - here's what we know" target="_self" data-before-rewrite-localise="/pro/security/amd-uncovers-new-spectre-meltdown-esque-flaw-affecting-cpus-heres-what-we-know 2025-07-10 13:57 TechRadar
ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs 2025-07-10 11:00 The Hacker News
Critical mcp‑remote Vulnerability Enables LLM Clients to Remote Code Execution 2025-07-10 05:42 GBHackers
20465-1 2025-07-10 03:18 Linux Security
2025:20464-1 moderate: openssl-3 timing side-channel 2025-07-10 03:18 Linux Security
Serious Flaws Patched in Model Context Protocol Tools 2025-07-10 00:35 Bank Information Security - New Jersey
Exploit details released for Citrix Bleed 2 flaw affecting NetScaler 2025-07-10 00:28 CSO
Chinese Hackers Exploit Microsoft Exchange Servers to Steal COVID-19 Research Data 2025-07-09 22:50 Cyber Security News
Splunk Address Third-Party Packages Vulnerabilities in SOAR Versions – Update Now 2025-07-09 22:50 Cyber Security News
Microsoft Patches Wormable RCE Vulnerability in Windows Client and Server 2025-07-09 22:50 Cyber Security News
Microsoft Fixes Wormable Remote Code Execution Flaw in Windows and Server 2025-07-09 22:44 GBHackers
Microsoft just gave a big reason to upgrade to Windows 11 24H2 with faster, more secure web 2025-07-09 22:08 Neowin.net
CISA Flags Four Actively Exploited Flaws, Urges Swift Remediation 2025-07-09 19:49 Information Security Buzz
Windows BitLocker Bypass Vulnerability Let Attackers Bypass Security Feature 2025-07-09 16:12 Cyber Security News
Hundreds of DVRs and routers are being hijacked to form another major botnet 2025-07-09 16:07 TechRadar Pro
Microsoft Patches 130 Vulnerabilities, Including Critical Flaws in SPNEGO and SQL Server 2025-07-09 15:16 The Hacker News
Chinese Hacker Xu Zewei Arrested for Ties to Silk Typhoon Group and U.S. Cyber Attacks 2025-07-09 15:16 The Hacker News
Microsoft fixes critical wormable Windows flaw (CVE-2025-47981) 2025-07-09 15:11 Help Net Security
Microsoft Patch Tuesday: One Zero-Day and A Potential 'Wormable' Flaw 2025-07-09 14:55 Infosecurity Magazine
Suspected Hacker Linked to Silk Typhoon Arrested in Milan 2025-07-09 13:05 Dark Reading
Splunk Enterprise Addresses Vulnerabilities in Bundled Third-Party Packages – Update Now 2025-07-09 12:46 GBHackers
Splunk SOAR Addresses Vulnerabilities in Third-Party Packages – Update Now 2025-07-09 12:46 GBHackers
Multiple Apache Tomcat Vulnerabilities Let Attackers Trigger DoS Attacks 2025-07-09 12:25 Cyber Security News
New Android TapTrap Attack Let Malicious Apps Bypass Permission and Carry out Destructive Actions 2025-07-09 12:25 Cyber Security News
Citrix Windows Virtual Delivery Agent Vulnerability Let Attackers Gain SYSTEM Privileges 2025-07-09 12:25 Cyber Security News
Citrix Windows Virtual Delivery Agent Vulnerability Lets Attackers Escalate to SYSTEM Privileges 2025-07-09 12:24 GBHackers
Windows BitLocker Vulnerability Lets Attackers Bypass Security Protections 2025-07-09 12:24 GBHackers
Critical CitrixBleed 2 vulnerability has been under active exploit for weeks 2025-07-09 12:23 Ars Technica
Microsoft targets 130 vulnerabilities on July Patch Tuesday 2025-07-09 09:18 mHealthIntelligence
Patch Tuesday: Microsoft Addresses 137 Vulnerabilities, Including High-Severity SQL Server RCE 2025-07-09 08:45 TechRepublic
Microsoft SQL Server 0-Day Vulnerability Exposes Sensitive Data Over Network 2025-07-09 07:05 Cyber Security News
Microsoft Remote Desktop Client Vulnerability Let Attackers Execute Remote Code 2025-07-09 07:05 Cyber Security News
Delete Every Chrome And Edge Extension That’s On This List 2025-07-09 06:48 Forbes
Zoom for Windows Flaw Allows Attackers to Trigger DoS Attacks 2025-07-09 04:59 GBHackers
Linux-azure security issues 2025-07-09 03:09 Linux Security
Microsoft Patch Tuesday addresses 130 vulnerabilities, none actively exploited 2025-07-09 02:55 CyberScoop
Microsoft Patch Tuesday, July 2025 Edition 2025-07-09 02:03 Krebs on Security - Virginia
Microsoft Patch Tuesday security updates for July 2025 fixed a zero-day 2025-07-09 01:37 Security Affairs
Microsoft enjoys first Patch Tuesday of 2025 with no active exploits 2025-07-09 01:14 The Register
July Patch Tuesday: 14 critical Microsoft vulnerabilities, one SAP hole rated at 10 in severity 2025-07-09 00:17 CSO
Microsoft Patch Tuesday July 2025: 130 Vulnerabilities Patched, Including 1 Zero-Day and 41 RCE Flaws 2025-07-08 23:31 GBHackers
Microsoft Patch Tuesday July 2025: 130 Vulnerabilities Fixed Including 41 RCE 2025-07-08 23:17 Cyber Security News
Zoom Clients for Windows Vulnerability Exposes Users to DoS Attacks 2025-07-08 23:17 Cyber Security News
Samsung's July Security Update Arrives, Brings Mysterious Chip Fix 2025-07-08 20:40 Android Headlines
IBM i PTF Guide, Volume 27, Number 26 2025-07-08 11:07 IT Jungle
Several major Linux distros hit by serious Sudo security flaws" target="_self" data-before-rewrite-localise="/pro/security/several-major-linux-distros-hit-by-serious-sudo-security-flaws 2025-07-07 22:42 TechRadar
Chrome Zero-Day, 'FoxyWallet' Firefox Attacks Threaten Browsers 2025-07-01 14:37 Dark Reading