CVE-2025-53770: Frequently Asked Questions About Zero-Day SharePoint Vulnerability Exploitation
Successful exploitation of CVE-2025-53770 could expose MachineKey configuration details from a vulnerable SharePoint Server, ultimately enabling unauthenticated remote code execution....
CVE-2025-54309: CrushFTP Zero-Day Vulnerability Exploited In The Wild
A critical zero-day flaw in CrushFTP that can grant attackers administrator access was discovered on July 18 and is under active exploitation....
Oracle July 2025 Critical Patch Update Addresses 165 CVEs
Oracle addresses 165 CVEs in its third quarterly update of 2025 with 309 patches, including nine critical updates....
Microsoft’s July 2025 Patch Tuesday Addresses 128 CVEs (CVE-2025-49719)
Microsoft addresses 128 CVEs, including one zero-day vulnerability that was publicly disclosed....
CVE-2025-5777, CVE-2025-6543: Frequently Asked Questions About CitrixBleed 2 and Citrix NetScaler Exploitation
Frequently asked questions about recent Citrix NetScaler ADC and Gateway vulnerabilities that have reportedly been exploited in the wild, including CVE-2025-5777 known as CitrixBleed 2....
Frequently Asked Questions About Iranian Cyber Operations
Tenable’s Research Special Operations team focuses on some frequently asked questions about Iranian cyber operations, including the tactics, techniques and procedures employed by Iran-based threat actors....
Microsoft의 June 2025 Patch Tuesday에서 65개 CVE에 대응 (CVE-2025-33053)
Microsoft addresses 65 CVEs, including two zero-day vulnerabilities, with one being exploited in the wild....
BadSuccessor에 대해 자주 묻는 질문
Frequently asked questions about “BadSuccessor,” a zero-day privilege escalation vulnerability in Active Directory domains with at least one Windows Server 2025 domain controller....
CVE-2025-32756: 다수의 Fortinet 제품에서 제로데이 취약성이 널리 악용됨
Fortinet has observed threat actors exploiting CVE-2025-32756, a critical zero-day arbitrary code execution vulnerability which affects multiple Fortinet products including FortiVoice, FortiMail, FortiNDR, FortiRecorder and FortiCamera....
CVE-2025-4427, CVE-2025-4428: Ivanti Endpoint Manager Mobile (EPMM) 원격 코드 실행
Remote code execution vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks...
Microsoft의 May 2025 Patch Tuesday에서 71개 CVE(CVE-2025-32701, CVE-2025-32706, CVE-2025-30400)에 대응
Microsoft addresses 71 CVEs including seven zero-days, five of which were exploited in the wild....
수정 시간 단축이 여전히 도전 과제: Tenable Vulnerability Watch가 도움이 되는 방식
조직의 운영에 가장 큰 위험이 되는 노출의 우선 순위를 지정하는 데 어려움을 겪고 있으므로 적시에 취약성 수정은 조직에게 계속해서 도전 과제가 됩니다. 기존 점수 시스템은 중요하지만 컨텍스트가 부족할 수 있습니다. Tenable의 Vulnerability Watch 분류가 도움이 될 수 있는 방식...