Logo
  • NEWS
  • NVD
  • EXPLOITS
  • SECURITY
    • NCSC
    • SECURELIST
    • US-CERT
  • ARCHIVE
  • ABOUT
    • Privacy Policy
    • Terms of Use
    • External Links
    • Sitemap

  • W3LL Phishing Kit Launches Active Campaign to Steal Outlook Login Credentials

    Cybersecurity researchers have recently uncovered a sophisticated phishing campaign leveraging the notorious W3LL Phishing Kit. Originally …

    20 May 2025
    Active, Campaigns, Cyber Security News, Identity Theft, Launches
  • Tor Browser 14.5.2 Released: Bug Fixes and Enhanced Features

    Tor Project has launched Tor Browser 14.5.2, a significant update addressing security vulnerabilities, refining cross-platform …

    20 May 2025
    Bug Fixes, Cyber Security News, Features, Firefox, Mozilla
  • CampusGuard ScriptSafe prevents unauthorized script execution

    CampusGuard introduced ScriptSafe, a software data security and privacy compliance solution.  ScriptSafe identifies and mitigates risks …

    20 May 2025
    IT, News
  • Commvault enhances cyber resilience for Red Hat OpenShift Virtualization workloads

    Commvault is extending its Kubernetes protection to support virtual machines (VMs) running on Red Hat OpenShift Virtualization. This new …

    20 May 2025
    IT, News, Red Hat, Virtualization
  • Malicious PyPI Packages Exploit Instagram and TikTok APIs to Validate User Accounts

    Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker …

    20 May 2025
    Accounts, APIs, Instagram, Malicious, Malware
  • Critical pfSense Firewall Flaws Enable Attackers to Inject Malicious Code

    Security researchers have uncovered three critical vulnerabilities in pfSense firewall software that could allow attackers to inject …

    20 May 2025
    Attackers, Critical, Cyber Security News, Enable, Flaws
  • CISA Adds Actively Exploited Ivanti EPMM Zero-Day to KEV Catalog

    Cybersecurity and Infrastructure Security Agency (CISA) has added two critical zero-day vulnerabilities affecting Ivanti Endpoint Manager …

    20 May 2025
    IT, News, Security Pro, Vulnerability
  • Microsoft 365 Users Targeted by Tycoon2FA Linked Phishing Attack to Steal Credentials

    A new wave of targeted phishing campaigns, linked to the Tycoon2FA group, has been identified specifically targeting Microsoft 365 users. …

    20 May 2025
    Credentials, Cyber Attack, Cyber Security News, Identity Theft, Linked
  • Closing security gaps in multi-cloud and SaaS environments

    In this Help Net Security interview, Kunal Modasiya, SVP, Product Management, GTM, and Growth at Qualys, discusses recent Qualys research …

    20 May 2025
    Features, IT, News, Qualys
  • Containers are just processes: The illusion of namespace security

    In the early days of commercial open source, major vendors cast doubt on its security, claiming transparency was a flaw. In fact, that …

    20 May 2025
    Containers, Edera, IT, Linux, OS
  • Why legal must lead on AI governance before it’s too late

    In this Help Net Security interview, Brooke Johnson, Chief Legal Counsel and SVP of HR and Security, Ivanti, explores the legal …

    20 May 2025
    AI governance, CISO, CXO, Features, Why
  • AI voice hijacking: How well can you trust your ears?

    How sure are you that you can recognize an AI-cloned voice? If you think you’re completely certain, you might be …

    20 May 2025
    AI, How, IT, News
{"loadingDistance":1200,"stickyPosts":[],"nextPageLink":"https://itts.at/page/2","queryId":0}

●●●

CookieFree

NVD

  • CVE-2025-4322 – The Motors theme for WordPress is vulnerable to privilege escalation via account takeover …20 May 2025
  • CVE-2025-3079 – A passback vulnerability which relates to office/small office multifunction printers and …20 May 2025
  • CVE-2025-2929 – The Order Delivery Date WordPress plugin before 12.4.0 does not sanitise and escape a …20 May 2025
  • CVE-2025-4971 – Broadcom Automic Automation Agent Unix versions < 24.3.0 HF4 and < 21.0.13 HF1 allow low ...20 May 2025
  • CVE-2025-3078 – A passback vulnerability which relates to production printers and office multifunction …20 May 2025

EXPLOITS

  • CrushFTP 11.3.1 – Authentication Bypass18 May 2025
  • Zyxel USG FLEX H series uOS 1.31 – Privilege Escalation18 May 2025
  • Invision Community 5.0.6 – Remote Code Execution (RCE)18 May 2025
  • WordPress Frontend Login and Registration Blocks Plugin 1.0.7 – Privilege Escalation13 May 2025
  • RDPGuard 9.9.9 – Privilege Escalation13 May 2025

SECURELIST

  • Threat landscape for industrial automation systems in Q1 202515 May 2025
  • Using a Mythic agent to optimize penetration testing13 May 2025
  • State of ransomware in 20257 May 2025
  • Outlaw cybergang attacking targets worldwide29 April 2025
  • Triada strikes back25 April 2025


Copyright © 2025 ITTS | Cookie-Free | Privacy Policy | We are not responsible for the content of external sites.