Known Exploited Vulnerabilities and counting....
A known exploited vulnerability (KEV) refers to a software vulnerability that is being actively exploited by cybercriminals or threat actors. When a vulnerability becomes known to be exploited in the wild, it signals that the vulnerability poses a significant and imminent risk to organizations.
Common Vulnerability and Exposure
CVEs form a database of known security vulnerabilities that are actively tracked and managed by a group of organizations, such as the U.S. National Cyber Security Alliance. CVEs are an important tool for network security management because they not only provide an inventory of existing vulnerabilities, but also provide information about how the vulnerability can be exploited and instructions on how to protect against it.
Search Known Exploits
Search for CVEs by vendor to identify known exploited vulnerabilities in your environment
CVE = Common Vulnerability and Exposure
CVE OF THE WEEK:
Palo Alto Networks
PAN-OS
Patch deadline: a year ago on 01/20/2025
CVE-2024-3393
Palo Alto Networks PAN-OS contains a vulnerability in parsing and logging malformed DNS packets in the DNS Security feature that, when exploited, allows an unauthenticated attacker to remotely reboot the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode.
Palo Alto Networks PAN-OS Malformed DNS Packet Vulnerability
Learn more about this CVE: paloaltonetworks.com
Cyber Security News
You may have missed...
*
Inside a cyberattack: How hackers steal data
The truth about cybersecurity is that it's almost impossible to keep hackers outside of an organization, particularly as the cybercrime industry ...
User assets already stolen as new MacSync variant bypasses macOS security
It can reportedly steal sensitive data like iCloud keychains, browser passwords, and crypto wallets. The warning came attached to a blog from Jamf ...
SEC sues crypto firms for defrauding investors out of $14 million - Recorded Future News
The platforms claimed to have “government licenses” and members of the WhatsApp group were also offered “Security Token Offerings” — all of which were...
CISA loses key employee behind early ransomware warnings - Cybersecurity Dive
An American flag and a flag bearing the seal of the Cybersecurity and Infrastructure Security Agency. The Cybersecurity and Infrastructure Security .....
The story of the Málaga virus: The code that haunted Google's cybersecurity center director ...
... to locate the creator of the software that, besides infecting the university's computers in the 1990s, sparked his passion for cybersecurity.
Rogue employee of Chicago cybersecurity firm pleads guilty to $1.3 million ransomware hack
... hacking a medical device company and extorting a ransom of nearly $1.3 million to unlock its servers. Kevin Tyler Martin, a ransomware threat ...
Hackers stole over $2.7B in crypto in 2025, data shows | TechCrunch
The biggest hack by far was the breach at Dubai-based crypto exchange Bybit, where hackers stole around $1.4 billion in crypto. Blockchain analysis .....
US insurance giant Aflac says hackers stole personal and health data of 22.6 million
Aflac, one of the largest insurance companies in the U.S., confirmed hackers stole reams of personal data, including Social Security numbers, ...
Ex-Michigan coach Matt Weiss on video before alleged hack of student files | New York Post
... hacked college students ... Ex-Michigan assistant coach caught on security footage minutes before allegedly hacking explicit student files.
Updated daily