News - Page 5 of 27 - UZCERT xizmati

Computer Emergency
Response Team

News

Critical Vulnerabilities Detected in IBM Power HMC: Update Your Systems Immediately!

Two serious vulnerabilities have been identified in IBM’s Power Hardware Management Console (HMC) management system. These vulnerabilities could allow hackers to gain access to the system, escalate their privileges, and even execute commands at an administrator level. Details of the…

News

Critical RCE Vulnerability in Cisco Products: Your Infrastructure May Be at Risk

Recent cybersecurity analyses have uncovered a highly dangerous vulnerability in the SSH (Secure Shell) component of the Erlang/OTP platform used in Cisco products. Registered as CVE-2025-32433, this vulnerability has been assigned a CVSS score of 10.0—the highest possible severity rating.…

News

Critical Vulnerability in WordPress Greenshift Plugin Puts Entire Websites at Risk

In today’s digital landscape, website security has become more critical than ever. Many site owners rely on plugins to enhance design and expand functionality. However, these very extensions can sometimes open the door to significant security risks. A recently discovered…

News

Windows Update Vulnerability Puts Your Computer at Risk

The security of our computers often relies on invisible layers of protection. Yet, sometimes, vulnerabilities are discovered within these very systems we trust. According to recent findings, a critical security flaw, identified as CVE-2025-21204, has been uncovered in the Windows…

News

WinZip Vulnerability: Dangerous Files Can Execute Without Warning

In today’s digital age, even the simple act of opening an archive file can conceal significant risks. Recent research has uncovered a critical vulnerability in WinZip, one of the world’s most popular archiving tools, proving this point starkly. Identified as…

News

Critical Vulnerability Discovered in ASUS AiCloud Routers

ASUS, one of the world’s leading technology companies, has announced the discovery of a highly critical vulnerability in its routers with the AiCloud feature enabled. Identified as CVE-2025-2492, this vulnerability allows attackers to gain unauthorized access to the device and…

News

Critical Vulnerabilities Discovered in GitHub Enterprise Server

GitHub has released urgent security updates for its Enterprise Server product after identifying several high-risk vulnerabilities. Among them, CVE-2025-3509 stands out as the most critical, allowing attackers to execute arbitrary code and gain full control over affected systems. These vulnerabilities…

News

A New Phishing Technique Bypasses Gmail Security: Vulnerability Found in Google OAuth

A highly sophisticated phishing attack exploiting a vulnerability in Google’s OAuth system has been uncovered. This attack successfully bypasses Gmail’s security filters and authentication mechanisms, appearing completely legitimate to users — the emails seem to come from official Google domains…

News

NTLM Vulnerability in Windows Systems Actively Exploited

🔓 Cybercriminals are exploiting a critical vulnerability in Windows systems related to NTLM (New Technology LAN Manager) authentication to gain unauthorized access. This vulnerability, identified as CVE-2025-24054, allows attackers to spoof NTLM hashes, potentially exposing sensitive information. The vulnerability is…

News

Cisco Webex Vulnerability Allows Remote Code Execution via Weaponized Meeting Links

In today’s digital age, remote communication and online meetings have become an essential part of everyday life. Widely-used platforms like Cisco Webex serve as vital tools for millions of users worldwide. However, a recently discovered critical vulnerability has raised serious…