News - Page 6 of 28 - UZCERT xizmati

Computer Emergency
Response Team

News

WinZip Vulnerability: Dangerous Files Can Execute Without Warning

In today’s digital age, even the simple act of opening an archive file can conceal significant risks. Recent research has uncovered a critical vulnerability in WinZip, one of the world’s most popular archiving tools, proving this point starkly. Identified as…

News

Critical Vulnerability Discovered in ASUS AiCloud Routers

ASUS, one of the world’s leading technology companies, has announced the discovery of a highly critical vulnerability in its routers with the AiCloud feature enabled. Identified as CVE-2025-2492, this vulnerability allows attackers to gain unauthorized access to the device and…

News

Critical Vulnerabilities Discovered in GitHub Enterprise Server

GitHub has released urgent security updates for its Enterprise Server product after identifying several high-risk vulnerabilities. Among them, CVE-2025-3509 stands out as the most critical, allowing attackers to execute arbitrary code and gain full control over affected systems. These vulnerabilities…

News

A New Phishing Technique Bypasses Gmail Security: Vulnerability Found in Google OAuth

A highly sophisticated phishing attack exploiting a vulnerability in Google’s OAuth system has been uncovered. This attack successfully bypasses Gmail’s security filters and authentication mechanisms, appearing completely legitimate to users — the emails seem to come from official Google domains…

News

NTLM Vulnerability in Windows Systems Actively Exploited

🔓 Cybercriminals are exploiting a critical vulnerability in Windows systems related to NTLM (New Technology LAN Manager) authentication to gain unauthorized access. This vulnerability, identified as CVE-2025-24054, allows attackers to spoof NTLM hashes, potentially exposing sensitive information. The vulnerability is…

News

Cisco Webex Vulnerability Allows Remote Code Execution via Weaponized Meeting Links

In today’s digital age, remote communication and online meetings have become an essential part of everyday life. Widely-used platforms like Cisco Webex serve as vital tools for millions of users worldwide. However, a recently discovered critical vulnerability has raised serious…

News

Two Critical Vulnerabilities Discovered in Apple iPhones

One of the leading companies in the tech world, Apple, has recently announced an urgent security update for iPhone and iPad users. This update is being distributed through iOS 18.4.1 and iPadOS 18.4.1. The reason is serious — two zero-day…

News

Critical Firefox Vulnerability Found — Update Immediately!

Mozilla has released a crucial security update for its Firefox browser, addressing a high-severity vulnerability that could lead to memory corruption and potentially allow attackers to exploit affected systems. 🛠️ What’s the issue? The vulnerability, identified as CVE-2025-3608, was discovered…

News

Critical Vulnerability in Apache Roller: Hackers Remain in the System Even After Password Changes

A dangerous vulnerability discovered in the popular blogging platform Apache Roller poses a serious threat to users and organizations. The vulnerability, identified as CVE-2025-24859, affects all versions of the platform from 1.0.0 to 6.1.4 and has received the highest CVSS…

News

Dangerous Cyberattacks via “SureTriggers” WordPress Plugin Began Just 4 Hours After Vulnerability Disclosure

On April 10, 2025, only four hours after a critical vulnerability in the popular WordPress plugin SureTriggers was publicly disclosed, active exploitation of the flaw began. This plugin is installed on over 100,000 websites worldwide and has been found to…