Tag: router
-
Critical Vulnerability Patched in Juniper Session Smart Router
by
in SecurityNewsA critical vulnerability tracked as CVE-2025-21589 has been patched in Juniper Networks’ Session Smart Router. The post Critical Vulnerability Patched in Juniper Session Smart Router appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/critical-vulnerability-patched-in-juniper-session-smart-router/
-
Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication
by
in SecurityNewsJuniper Networks has released security updates to address a critical security flaw impacting Session Smart Router, Session Smart Conductor, and WAN Assurance Router products that could be exploited to hijack control of susceptible devices.Tracked as CVE-2025-21589, the vulnerability carries a CVSS v3.1 score of 9.8 and a CVS v4 score of 9.3.”An Authentication Bypass Using…
-
Juniper Issues Warning About Critical Authentication Bypass Vulnerability
by
in SecurityNewsJuniper Networks has issued an urgent security bulletin for its Session Smart Router, Session Smart Conductor, and WAN Assurance Router product lines, revealing a critical API authentication bypass vulnerability (CVE-2025-21589) that enables unauthenticated attackers to gain full administrative control over devices. The flaw carries maximum severity ratings of 9.8 under CVSS v3.1 and 9.3 under…
-
Privacy Roundup: Week 7 of Year 2025
by
in SecurityNews
Tags: access, antivirus, api, apple, attack, breach, business, cctv, cve, cybersecurity, data, data-breach, detection, email, exploit, firmware, flaw, google, group, law, leak, malware, microsoft, military, network, password, phishing, privacy, router, scam, service, software, technology, threat, tool, update, virus, vpn, vulnerability, windows, zero-dayThis is a news item roundup of privacy or privacy-related news items for 9 FEB 2025 – 15 FEB 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
-
China-linked APT Salt Typhoon breached telecoms by exploiting Cisco router flaws
China-linked APT Salt Typhoon has breached more U.S. telecommunications providers via unpatched Cisco IOS XE network devices. China-linked APT group Salt Typhoon is still targeting telecommunications providers worldwide, and according to a new report published by Recorded Future’s Insikt Group, the threat actors has breached more U.S. telecommunications providers by exploiting unpatched Cisco IOS XE…
-
Chinese hackers breach more US telecoms via unpatched Cisco routers
China’s Salt Typhoon hackers are still actively targeting telecoms worldwide and have breached more U.S. telecommunications providers via unpatched Cisco IOS XE network devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-hackers-breach-more-us-telecoms-via-unpatched-cisco-routers/
-
Salt Typhoon remains active, hits more telecom networks via Cisco routers
The Chinese nation-state threat group intruded five additional telecom networks between December and January, including two unnamed providers in the U.S., Recorded Future researchers said. First seen on cyberscoop.com Jump to article: cyberscoop.com/salt-typhoon-china-ongoing-telecom-attack-spree/
-
China’s Salt Typhoon Spies Are Still Hacking Telecoms”, Now by Exploiting Cisco Routers
Despite high-profile attention and even US sanctions, the group hasn’t stopped or even slowed its operation, including the breach of two more US telecoms. First seen on wired.com Jump to article: www.wired.com/story/chinas-salt-typhoon-spies-are-still-hacking-telecoms-now-by-exploiting-cisco-routers/
-
Privacy Roundup: Week 6 of Year 2025
by
in SecurityNews
Tags: access, ai, api, apple, backdoor, breach, browser, cctv, chrome, control, credit-card, cybersecurity, data, data-breach, encryption, exploit, firmware, framework, germany, government, group, leak, malware, monitoring, phishing, privacy, regulation, risk, router, scam, service, software, spy, technology, threat, tool, update, vpn, vulnerability, windowsThis is a news item roundup of privacy or privacy-related news items for 2 FEB 2025 – 8 FEB 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
-
Trotz Sicherheitslücke kein Support: Zweiter Hersteller will, dass Kunden Router einfach wegwerfen
by
in SecurityNewsFirst seen on t3n.de Jump to article: t3n.de/news/trotz-sicherheitsluecke-kein-support-zweiter-hersteller-will-dass-kunden-router-einfach-wegwerfen-1671867/
-
Breach Roundup: Hacker Claims 20 Million OpenAI Logins Taken
Also: Researchers Bypass GitHub Copilot’s Protections, Deloitte Pays $5M for Breach. This week: A hacker claims to have 20 million OpenAI logins, Sweden clears ship in Baltic cable damage, researchers find ways to bypass GitHub Copilot’s protections, Netgear patches router flaws, undetectable Mac backdoor raises alarms, Spain nabs hacker, and Deloitte pays $5M for RIBridges…
-
Breach Roundup: Sweden Clears Ship in Baltic Cable Damage
by
in SecurityNewsAlso: Researchers Bypass GitHub Copilot’s Protections, Deloitte Pays $5M for Breach. This week: Sweden clears ship in Baltic cable damage, researchers find ways to bypass GitHub Copilot’s protections, Netgear patches router flaws, undetectable Mac backdoor raises alarms, cyberattacks target aviation, Spain nabs international hacker, and Deloitte pays $5M for RIBridges breach. First seen on govinfosecurity.com…
-
Actively-Exploited Bugs In Zyxel Routers Require Immediate Device Upgrades
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/actively-exploited-zyxel-bugs-require-immediate-device-upgrades
-
Spy vs spy: Security agencies help secure the network edge
by
in SecurityNews
Tags: cybersecurity, exploit, firewall, infrastructure, intelligence, Internet, network, router, service, software, spy, strategy, vpn, vulnerabilityThe national intelligence services of five countries have offered enterprises advice on beating spies at their own game in a series of documents intended to help them protect network edge devices and appliances such as firewalls, routers, VPN (virtual private networks) gateways, internet of things (IoT) devices, internet-facing servers, and internet-facing OT (operational technology) systems…
-
Actively exploited Zyxel router bugs require immediate model upgrades
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/actively-exploited-zyxel-router-bugs-require-immediate-model-upgrades
-
Zyxel won’t patch endlife routers against zero-day attacks
Networking hardware vendor Zyxel has no plans to patch multiple end-of-life routers against new zero-day flaws and advises customers to replace affected devices entirely. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366618782/Zyxel-wont-patch-end-of-life-routers-against-zero-day-attacks
-
Swap EOL Zyxel routers, upgrade Netgear ones!
There will be no patches for EOL Zyxel routers under attack via CVE-2024-40891, the company has confirmed. Meanwhile, Netgear has issued patches for critical flaws affecting … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/05/swap-eol-zyxel-routers-upgrade-netgear-ones-patches-cve-2024-40891/
-
Netgear: Nighthawk Pro Gaming-Router mit Schadcode-Leck
by
in SecurityNewsNetgear warnt vor Codeschmuggel-Lücken in Nighthawk Pro Gaming-Routern. Zudem haben einige Router nach Support-Ende eine Sicherheitslücke. First seen on heise.de Jump to article: www.heise.de/news/Netgear-Nighthawk-Pro-Gaming-Router-mit-Schadcode-Leck-10271050.html
-
Netgear Patches Critical Vulnerabilities in Multiple WiFi Router Models
by
in SecurityNewsNetgear has released security updates addressing two critical vulnerabilities affecting several WiFi router models and has strongly urged users to update their firmware immediately. These vulnerabilities could allow unauthenticated attackers to execute remote code or bypass authentication, creating a serious… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/netgear-patches-critical-vulnerabilities-in-multiple-wifi-router-models/
-
Router maker Zyxel tells customers to replace vulnerable hardware exploited by hackers
by
in SecurityNewsThe Taiwanese hardware maker says it has no plans patch the flaws impacting legacy router models First seen on techcrunch.com Jump to article: techcrunch.com/2025/02/05/router-maker-zyxel-tells-customers-to-replace-vulnerable-hardware-exploited-by-hackers/
-
Critical Netgear Vulnerabilities Allow Hackers to Execute Remote Code
by
in SecurityNewsNetgear has addressed critical security vulnerabilities in several of its popular router models that could allow hackers to execute remote code without authentication. If not resolved promptly, these vulnerabilities pose a significant risk to affected devices, potentially enabling malicious actors to compromise networks. Critical Security Threat The vulnerability, rated as Critical with a CVSS score of 9.8,…
-
Kein Support mehr: Hersteller drängt wegen Router-Lücken auf Entsorgung
by
in SecurityNewsSicherheitslücken in mehreren Zyxel-Routern werden aktiv ausgenutzt. Der Hersteller will nicht patchen und verweist auf den EOL-Status der Geräte. First seen on golem.de Jump to article: www.golem.de/news/kein-support-mehr-hersteller-draengt-wegen-router-luecken-auf-entsorgung-2502-193053.html
-
Support ausgelaufen: Keine Sicherheitsupdates mehr für attackierte Zyxel-Router
by
in SecurityNewsDerzeit hat es eine Mirai-Botnet-Malware auf bestimmte Routermodelle von Zyxel abgesehen. Weil der Support ausgelaufen ist, müssen Admins jetzt handeln. First seen on heise.de Jump to article: www.heise.de/news/Support-ausgelaufen-Keine-Sicherheitsupdates-mehr-fuer-attackierte-Zyxel-Router-10269938.html
-
CISA Releases New Guidelines to Secure Firewalls, Routers, and Internet-Facing Servers
by
in SecurityNews
Tags: cisa, cyber, cybersecurity, firewall, Hardware, infrastructure, international, Internet, network, router, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has unveiled a new set of guidelines to fortify firewalls, routers, internet-facing servers, and other edge devices against cyber threats. This collaborative guidance, supported by leading international cybersecurity organizations, aims to address vulnerabilities in hardware that form the backbone of critical infrastructure and operational networks worldwide. Edge devices”,…
-
Netgear urges users to upgrade two flaws impacting WiFi router models
by
in SecurityNewsNetgear disclosed two critical flaws impacting multiple WiFi router models and urges customers to address them. Netgear addressed two critical vulnerabilities, internally tracked as PSV-2023-0039 and PSV-2021-0117, impacting multiple WiFi router models and urged customers to install the latest firmware. The two flaws are, respectively, a remote code execution issue and an authentication bypass vulnerability.…
-
Zyxel won’t patch newly exploited flaws in endlife routers
Zyxel has issued a security advisory about actively exploited flaws in CPE Series devices, warning that it has no plans to issue fixing patches and urging users to move to actively supported models. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/zyxel-wont-patch-newly-exploited-flaws-in-end-of-life-routers/
-
Exploitation of vulnerability in Zyxel CPE targets legacy routers
by
in SecurityNewsZyxel urged users to replace their old devices with modern, supported versions. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/exploitation-vulnerability-zyxel-routers/739182/
-
Netgear warns users to patch critical WiFi router vulnerabilities
by
in SecurityNewsNetgear has fixed two critical remote code execution and authentication bypass vulnerabilities affecting multiple WiFi routers and warned customers to update their devices to the latest firmware as soon as possible. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/netgear-warns-users-to-patch-critical-wifi-router-vulnerabilities/
-
Google patches odd Android kernel security bug amid signs of targeted exploitation
by
in SecurityNewsAlso, Netgear fixes critical router, access point vulnerabilities First seen on theregister.com Jump to article: www.theregister.com/2025/02/04/google_android_patch_netgear/
-
TP-Link Router Web Interface XSS Vulnerability PoC Exploit Released
by
in SecurityNewsA recently discovered Cross-site Scripting (XSS) vulnerability, CVE-2024-57514, affecting the TP-Link Archer A20 v3 Router has raised security concerns among users. The flaw CVE-2024-57514, identified in firmware version 1.0.6 Build 20231011 rel.85717(5553), allows attackers to execute arbitrary JavaScript code through the router’s web interface, potentially leading to malicious exploitation. Discovery of the Vulnerability The vulnerability stems…