Broadcom Addresses Actively Exploited Vulnerability in VMware Aria Operations and VMware Tools (CVE-2025-41244) Broadcom disclosed a local privilege escalation vulnerability affecting VMware’s guest service discovery features. Tracked as CVE-2025-41244, successful exploitation of the... 02/10/2025 Qualys-Threat-Protect
Malicious MCP Server on npm postmark-mcp Exploited in Attack Security researchers discovered a significant vulnerability in the Model Context Protocol (MCP) server that was exploited in the wild. The... 30/09/2025 Qualys-Threat-Protect
Cisco Addresses Zero-day Vulnerabilities in Cisco ASA and FTD Software (CVE-2025-20362 & CVE-2025-20333) Cisco warns its users to patch two actively exploited vulnerabilities impacting the VPN web server of Cisco Secure Firewall Adaptive... 27/09/2025 Qualys-Threat-Protect
Cisco IOS and IOS XE Software Vulnerability Exploited in the Wild (CVE-2025-20352) Cisco released a security advisory to address an actively exploited vulnerability, tracked as CVE-2025-20352, impacting Cisco IOS and IOS XE... 26/09/2025 Qualys-Threat-Protect
SolarWinds Web Help Desk Remote Code Execution Vulnerability (CVE-2025-26399) SolarWinds released a security advisory to address a critical severity vulnerability impacting its Web Help Desk software. Tracked as CVE-2025-26399,... 25/09/2025 Qualys-Threat-Protect
GoAnywhere Managed File Transfer (MFT) Deserialization Vulnerability (CVE-2025-10035) Fortra released security updates for a critical severity vulnerability impacting GoAnywhere MFT’s License Servlet. Tracked as CVE-2025-10035, the vulnerability has... 23/09/2025 Qualys-Threat-Protect
Another Zero-day Vulnerability impacting Google Chrome (CVE-2025-10585) On Wednesday, Google rolled out security updates for a Chrome vulnerability actively exploited in the wild. Tracked as CVE-2025-10585, the vulnerability is... 19/09/2025 Qualys-Threat-Protect
More than 400 npm Packages affected by the Ongoing Supply Chain Attack A malicious update to ctrl/tinycolor (2.2M weekly downloads) triggered the supply chain attack, impacting over 400 packages spanning multiple maintainers.... 18/09/2025 Qualys-Threat-Protect
Ivanti September Security Updates Address Multiple Vulnerabilities in Popular Products Ivanti released its security bulletin for September, addressing 13 vulnerabilities. The vulnerabilities impact Ivanti Endpoint Manager, Ivanti Connect Secure, Policy... 12/09/2025 Qualys-Threat-Protect
Ivanti February Security Updates Address Multiple Vulnerabilities in Popular Products Ivanti released its security bulletin for September, addressing 13 vulnerabilities. The vulnerabilities impact Ivanti Endpoint Manager, Ivanti Connect Secure, Policy... 12/09/2025 Qualys-Threat-Protect
