VULNERA

Critical XSS Vulnerability in WordPress Plugin Threatens Over Two Million Websites A grave security vulnerability, labelled as CVE-2025-24752, has been unveiled in the Essential Addons for Elementor WordPress plugin, potentially placing over two million websites in jeopardy. https://lnkd.in/gDHZf-cD

PolarEdge Botnet: Over 2,000 IoT Devices Infected Globally The PolarEdge botnet, a complex malware campaign focusing on IoT devices, has been unearthed by the Threat Detection & Research \(TDR\) team at Sekoia. https://lnkd.in/g8PFXXVG

Critical Vulnerability in Ivanti EPM: PoC for CVE-2024-13159 Released Security expert Zach Hanley, associated with Horizon3.ai, has revealed the specifics and a proof-of-concept \(PoC\) for a high-severity vulnerability in Ivanti Endpoint Manager \(EPM\), designated as CVE-2024-13159. https://lnkd.in/gVyVDv_e

Critical Vulnerability in Everest Forms Plugin Threatens Over 100,000 WordPress Sites A critical security vulnerability, labeled as CVE-2025-1128, has been discovered in the widely used WordPress plugin, Everest Forms. https://lnkd.in/gf-Vj-zS

Google Researcher Discloses High-Risk Vulnerability in Palo Alto Networks’ PAN-OS Firewall Software A Google researcher has unveiled a proof-of-concept exploit for a high-risk vulnerability \(CVE-2025-0110\) in the firewall software PAN-OS, developed by Palo Alto Networks. https://lnkd.in/gDgpAPak

Ubiquiti UniFi Protect Cameras Vulnerable to Remote Hijacking: Critical Security Advisory Issued Ubiquiti, a prominent network equipment provider, has issued a critical security warning about numerous vulnerabilities detected in its UniFi Protect camera line. https://lnkd.in/ggwEjhN7

Windows Disk Cleanup Tool Vulnerability Allows SYSTEM Privileges Exploitation: CVE-2025-21420 Patched Microsoft has patched a significant vulnerability in its Windows Disk Cleanup Tool \(cleanmgr.exe\) as part of the February 2025 Patch Tuesday. https://lnkd.in/gcTfsAR8

Critical Security Flaw in Juniper Session Smart Routers Allows Authentication Bypass Juniper Networks has rolled out security patches to rectify a significant security flaw that affects its Session Smart Router, Session Smart Conductor, and WAN Assurance Router products. https://lnkd.in/dECgNMnt

RedMike Exploits Cisco Vulnerabilities in Global Espionage Campaign Insikt Group, a cybersecurity research firm, has discovered an ongoing global cyber espionage campaign led by the Chinese state-sponsored group, RedMike. https://lnkd.in/gZ-nMv6C

U.S. CISA Catalogs SimpleHelp Vulnerability as Known Exploited Threat The U.S. Cybersecurity and Infrastructure Security Agency \(CISA\) has incorporated a SimpleHelp flaw, labeled as CVE-2024-57727, into its Known Exploited Vulnerabilities \(KEV\) catalog. https://lnkd.in/gVjuM_xX