SecurityWeek

SonicWall Patches Exploited SMA 1000 Zero-Day

Threat actors are chaining CVE-2025-40602, a fresh SonicWall zero-day, with CVE-2025-23006 for unauthenticated remote code execution.
Security Boulevard

Best of 2025: LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49112

SafeBreach researchers developed a zero-click PoC exploit that crashes unpatched Windows Servers using the Windows ...
Bleeping Computer

Apache fixes critical OFBiz remote code execution vulnerability

Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.
Bleeping Computer

Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers

A critical Apache OFBiz pre-authentication remote code execution vulnerability is being actively exploited using public proof of concept (PoC) exploits. Apache OFBiz (Open For Business) is an ...