As cybersecurity threats become increasingly complex, network devices from various companies are becoming prime targets for hackers. According to recent reports, a new zero-day vulnerability has been discovered in Zyxel CPE series devices. This vulnerability, registered as CVE-2024-40891, is currently…
This vulnerability allows attackers with specific capabilities to execute specially crafted SQL queries and gain unauthorized access to the database. It has been classified as a “Critical” security issue with a CVSSv3 score of 8.6. The vulnerability arises due to…
The Akira ransomware group, which has been actively operating in the Ransomware-as-a-Service (RaaS) space since March 2023, recently introduced a new Linux variant targeting VMware ESXi servers. This development poses a significant cybersecurity threat. Initially focused on Windows systems, Akira…
GitLab has released important security updates for its Community Edition (CE) and Enterprise Edition (EE) versions, addressing several vulnerabilities, including a high-risk Cross-Site Scripting (XSS) vulnerability. The most critical vulnerability is a stored XSS vulnerability (CVE-2025-0314) caused by improper rendering…
A new vulnerability has been discovered in Microsoft Outlook, identified as CVE-2025-21298. This vulnerability resides in the Windows Object Linking and Embedding (OLE) system, specifically in the ole32.dll component. It is caused by a “double-free” error and enables remote code…
Recent reports indicate that over 379 Ivanti Connect Secure (ICS) devices have been compromised through a newly discovered vulnerability—CVE-2025-0282. This vulnerability enables cybercriminals to install hidden “backdoors” and gain persistent access to systems. Description of the CVE-2025-0282 VulnerabilityCVE-2025-0282 is a…
UZCERT has identified these vulnerabilities in the information infrastructure of more than 10 organizations located in the Republic of Uzbekistan. We request government agencies and other organizations using “FORTINET” products to follow the recommendations below to mitigate these vulnerabilities: User…
The Presidential Decree of the Republic of Uzbekistan No. PQ-14 dated January 20, 2025, “On the establishment of the state university ‘Cyber University’,” has been adopted. According to the decree, the main tasks of the University are defined as follows:…
A serious security vulnerability has been discovered in the popular RealHomes WordPress template and its Easy Real Estate plugin, which could expose more than 32,000 websites to cyberattacks. The vulnerabilities are classified as privilege escalation issues that do not require…
A critical vulnerability has been identified in the popular 7-Zip archiving software. This vulnerability allows attackers to bypass an important Windows security feature—the “Mark-of-the-Web” (MotW) mechanism. The vulnerability, tracked as CVE-2025-0411, has been assigned a CVSS security rating of 7.0,…