The U.S. Cybersecurity and Infrastructure Security Agency has added two actively exploited vulnerabilities affecting Gladinet and Control Web Panel to its Known Exploited Vulnerabilities catalog.
Mayhem Security, established in 2012, specializes in automating the discovery and remediation of software vulnerabilities using AI and autonomous execution.
Malicious actors could exploit a trio of already patched Windows Graphics Device Interface vulnerabilities, tracked as CVE-2025-30388, CVE-2025-47984, and CVE-2025-53766, to facilitate remote code execution and information disclosures, Infosecurity Magazine reports.
Attacks exploiting the high-severity Linux kernel bug, tracked as CVE-2024-1086, were observed by the Cybersecurity and Infrastructure Security Agency to have been deployed by ransomware groups more than a year after the flaw was included in its Known Exploited Vulnerabilities catalog, reports Security Affairs.
BADCANDY webshell spread via vulnerable Cisco IOS XE device targeting Threat actors were reported by the Australian Signals Directorate to have launched attacks exploiting the maximum severity Cisco IOS XE vulnerability, tracked as CVE-2023-20198, to deliver the BADCANDY webshell, according to Security Affairs.
Cybersecurity Dive reports that attacks exploiting the critical untrusted data deserialization bug in Windows Server Update Service, tracked as CVE-2025-59287, have compromised at least 50 organizations.
Intrusions harnessing the critical request origin verification vulnerability in Motex Lanscope Endpoint Manager, tracked as CVE-2025-61932, as a zero-day have been launched by China-linked cyberespionage operation Bronze Butler, also known as Tick, to spread an updated Gokcpdoor malware over the past few months, reports BleepingComputer.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
