CVE-2025-53770: Frequently Asked Questions About Zero-Day SharePoint Vulnerability Exploitation
Successful exploitation of CVE-2025-53770 could expose MachineKey configuration details from a vulnerable SharePoint Server, ultimately enabling unauthenticated remote code execution....
CVE-2025-54309: CrushFTP Zero-Day Vulnerability Exploited In The Wild
A critical zero-day flaw in CrushFTP that can grant attackers administrator access was discovered on July 18 and is under active exploitation....
Oracle July 2025 Critical Patch Update Addresses 165 CVEs
Oracle addresses 165 CVEs in its third quarterly update of 2025 with 309 patches, including nine critical updates....
Microsoft 2025 年 7 月公告的 Patch Tuesday 解決了 128 個 CVE (CVE-2025-49719)
Microsoft addresses 128 CVEs, including one zero-day vulnerability that was publicly disclosed....
CVE-2025-5777、CVE-2025-6543:有關 CitrixBleed 2 和 Citrix NetScaler Exploitation 的常見問答集
Frequently asked questions about recent Citrix NetScaler ADC and Gateway vulnerabilities that have reportedly been exploited in the wild, including CVE-2025-5777 known as CitrixBleed 2....
有關 Iranian Cyber Operations 的常見問答集
Tenable’s Research Special Operations team focuses on some frequently asked questions about Iranian cyber operations, including the tactics, techniques and procedures employed by Iran-based threat actors....
Microsoft 的 2025 年 6 月份 Patch Tuesday 解決了 65 個 CVE (CVE-2025-33053)
Microsoft addresses 65 CVEs, including two zero-day vulnerabilities, with one being exploited in the wild....
關於 BadSuccessor 的常見問答集
Frequently asked questions about “BadSuccessor,” a zero-day privilege escalation vulnerability in Active Directory domains with at least one Windows Server 2025 domain controller....
CVE-2025-32756:在多個 Fortinet 產品中遭到猖獗刺探利用的零時差弱點
Fortinet has observed threat actors exploiting CVE-2025-32756, a critical zero-day arbitrary code execution vulnerability which affects multiple Fortinet products including FortiVoice, FortiMail, FortiNDR, FortiRecorder and FortiCamera....
CVE-2025-4427、CVE-2025-4428:Ivanti Endpoint Manager Mobile (EPMM) 遠端程式碼執行
Remote code execution vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks...
Microsoft 2025 年 5 月的 Patch Tuesday 解決了 71 個 CVE (CVE-2025-32701、CVE-2025-32706、CVE-2025-30400)
Microsoft addresses 71 CVEs including seven zero-days, five of which were exploited in the wild....
縮短修復時間仍然是一大挑戰:Tenable Vulnerability Watch 如何提供協助
Timely vulnerability remediation is an ongoing challenge for organizations as they struggle to prioritize the exposures that represent the greatest risk to their operations. Existing scoring systems are invaluable but can lack context. Here’s how Tenable’s Vulnerability Watch classification system c...