Vulnerability Archives ⋆ CyberHood Sentinel

A medium-severity vulnerability in Microsoft Windows, identified as CVE-2025-24054, is currently under active exploitation, enabling attackers to steal NTLM credentials through minimal user interaction. The U.S. Cybersecurity and Infrastructure Security…

News

Unpatched NVIDIA Container Toolkit Bug Could Let Attackers Escape Docker and Hijack Linux Hosts

April 10, 2025 TeamHood

In September 2024, NVIDIA addressed a critical vulnerability in its Container Toolkit, identified as CVE-2024-0132, which had a CVSS score of 9.0. This Time-of-Check Time-of-Use (TOCTOU) flaw allowed specially crafted…

News

Apache Tomcat CVE-2025-24813 Exploited in the Wild – Patch Now to Prevent Attacks

March 17, 2025 TeamHood

A critical security vulnerability identified as CVE-2025-24813 has been discovered in Apache Tomcat, a widely used open-source Java servlet container. This flaw is actively being exploited in the wild, allowing…

News

Apple Releases Emergency Security Patch for WebKit Zero-Day Vulnerability (CVE-2025-24201)

March 12, 2025 TeamHood

Apple has rolled out an urgent security update to patch a zero-day vulnerability in WebKit (CVE-2025-24201), which has been actively exploited in the wild. This flaw, found in the Safari…

News

VMware Security Flaws Under Active Exploitation—Critical Patches Released to Mitigate Risks

March 4, 2025 TeamHood

Broadcom has released critical security updates to address three actively exploited vulnerabilities affecting VMware ESXi, Workstation, and Fusion products. These vulnerabilities could lead to code execution and information disclosure, posing…

News

Microsoft Uncovers New macOS Vulnerability Allowing System Integrity Protection Bypass

January 14, 2025 TeamHood

In a significant discovery that highlights the evolving threat landscape for macOS users, Microsoft recently unveiled a critical vulnerability in Apple’s macOS that could have allowed malicious actors to bypass…

News

Chinese Hackers Exploit Fortinet VPN Zero-Day: A Wake-Up Call for Cybersecurity

November 19, 2024 TeamHood

In a recent cybersecurity development, Chinese threat actors have been exploiting a zero-day vulnerability in Fortinet’s FortiClient Windows VPN client to steal user credentials. This vulnerability allows attackers to extract…

News

Chinese APT41 Hackers Target Gambling Industry in Sophisticated Cyberattack

October 21, 2024 TeamHood

In a recent cyberattack, the Chinese state-sponsored hacking group APT41 targeted the gambling industry, focusing on financial gain and espionage. The intrusion, which lasted for nine months, showcased the group’s…

News

Unmasking the SolarWinds Serv-U Path Traversal Flaw: A Guide for Security Engineers

June 20, 2024 TeamHood

Introduction In an era where cybersecurity threats are increasingly sophisticated, security engineers must remain vigilant and informed about the latest vulnerabilities that could jeopardize organizational security. One of the recent…

News

ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models

June 17, 2024 TeamHood

Introduction In today’s interconnected world, router security is paramount. Recently, ASUS addressed critical security flaws in multiple router models, reinforcing the importance of regular updates and vigilance in cybersecurity practices.…

Windows Vulnerability CVE-2025-24054 Actively Exploited to Steal NTLM Credentials

Unpatched NVIDIA Container Toolkit Bug Could Let Attackers Escape Docker and Hijack Linux Hosts

Apache Tomcat CVE-2025-24813 Exploited in the Wild – Patch Now to Prevent Attacks

Apple Releases Emergency Security Patch for WebKit Zero-Day Vulnerability (CVE-2025-24201)

VMware Security Flaws Under Active Exploitation—Critical Patches Released to Mitigate Risks

Microsoft Uncovers New macOS Vulnerability Allowing System Integrity Protection Bypass

Chinese Hackers Exploit Fortinet VPN Zero-Day: A Wake-Up Call for Cybersecurity

Chinese APT41 Hackers Target Gambling Industry in Sophisticated Cyberattack

Unmasking the SolarWinds Serv-U Path Traversal Flaw: A Guide for Security Engineers

ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models

You missed

Chinese Hackers Deploy Upgraded MysterySnail RAT to Target Russian and Mongolian Governments

Windows Vulnerability CVE-2025-24054 Actively Exploited to Steal NTLM Credentials

U.S. Government Extends Funding for MITRE’s CVE Program Amid Cybersecurity Concerns

Pakistan-Linked Hackers Expand Espionage Campaigns, Targeting Key Indian Sectors with Advanced Malware

Tag: Vulnerability

You missed