Live
Milesight Gateway Vuln CVE-2025-4043 Enables Code Execution at Boot·MSFT +0.1%Remote attackers crash Windows servers via unauthenticated WDS TFTP flood in under seven minutes·NVDA +3.0%Legacy Windows Telnet Zero-Click Flaw Grants Remote Admin Access via NTLM Bypass·GOOGL +1.2%Critical Vulnerabilities in MicroDicom DICOM Viewer Expose Medical Data and Patient Safety to Grave Risks·AMZN +2.9%CISA Urges Immediate Patching for Critical SAP Vulnerability (CVE-2025-31324) Exploited in Attacks·MSFT +0.1%Critical Vulnerabilities in Delta ISPSoft PLC Software: Mitigating Risks in Industrial Automation·NVDA +3.0%CISA alerts on critical flaws in Rockwell, Delta, Lantronix ICS gear.·GOOGL +1.2%Exploitation of Windows NTLM Vulnerability CVE-2025-24054 in Widespread Cyberattacks·AMZN +2.9%Milesight Gateway Vuln CVE-2025-4043 Enables Code Execution at Boot·MSFT +0.1%Remote attackers crash Windows servers via unauthenticated WDS TFTP flood in under seven minutes·NVDA +3.0%Legacy Windows Telnet Zero-Click Flaw Grants Remote Admin Access via NTLM Bypass·GOOGL +1.2%Critical Vulnerabilities in MicroDicom DICOM Viewer Expose Medical Data and Patient Safety to Grave Risks·AMZN +2.9%CISA Urges Immediate Patching for Critical SAP Vulnerability (CVE-2025-31324) Exploited in Attacks·MSFT +0.1%Critical Vulnerabilities in Delta ISPSoft PLC Software: Mitigating Risks in Industrial Automation·NVDA +3.0%CISA alerts on critical flaws in Rockwell, Delta, Lantronix ICS gear.·GOOGL +1.2%Exploitation of Windows NTLM Vulnerability CVE-2025-24054 in Widespread Cyberattacks·AMZN +2.9%

Vulnerability Disclosure

The latest Vulnerability Disclosure coverage — news, analysis, and updates from the WindowsNews.AI desk.

11 stories in view AI assisted desk updated 1:41 PM
Latest Most Read Breaking
Sort
Access Control · Boot Script Vulnerability

Milesight Gateway Vuln CVE-2025-4043 Enables Code Execution at Boot

In the rapidly evolving landscape of industrial control systems (ICS), security remains a paramount concern for organizations operating across critical infrastructure sectors. A recent cybersecurity...

Advertisement
Cisa · Cve-2025-31324

CISA Urges Immediate Patching for Critical SAP Vulnerability (CVE-2025-31324) Exploited in Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive for federal agencies and private organizations to patch a critical SAP vulnerability actively being...

SE Security Desk·63w ago
Automation · Buffer Overflow

Critical Vulnerabilities in Delta ISPSoft PLC Software: Mitigating Risks in Industrial Automation

Introduction In the dynamic and increasingly interconnected world of industrial automation, the security of software that programs and configures Industrial Control Systems (ICS)—particularly...

SE Security Desk·63w ago
Cisa · Critical Infrastructure

CISA alerts on critical flaws in Rockwell, Delta, Lantronix ICS gear.

On April 29, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) took significant action by publishing three new advisories targeting vulnerabilities in Industrial Control Systems...

SE Security Desk·63w ago
Advanced Persistent Threats · Apple Zero-day

Exploitation of Windows NTLM Vulnerability CVE-2025-24054 in Widespread Cyberattacks

Overview In March 2025, Microsoft released a security update addressing a critical vulnerability in the Windows NT LAN Manager (NTLM) authentication protocol, identified as CVE-2025-24054. Despite...

SE Security Desk·64w ago
Cve-2025-21204 · Cybersecurity

Microsoft's April 2025 Windows Update Introduces Security Flaw via Directory Junctions

In April 2025, Microsoft's Patch Tuesday updates aimed to address several security vulnerabilities in Windows operating systems. Among these was a fix for CVE-2025-21204, a privilege escalation...

SE Security Desk·64w ago
Automation · Critical Infrastructure

Schneider Electric Uni-Telway Driver Vulnerability: Critical ICS Security Threat

In the ever-evolving landscape of cybersecurity, a newly disclosed vulnerability in Schneider Electric’s Uni-Telway Driver has raised significant concerns among experts and organizations relying on...

SE Security Desk·64w ago
Cisa · Critical Infrastructure

Critical Siemens TeleControl Server Vulnerability (CVE-2024-39859) Exposes ICS Risks

In the ever-evolving landscape of industrial cybersecurity, a recent advisory from the Cybersecurity and Infrastructure Security Agency (CISA) has brought to light a critical vulnerability in Siemens...

SE Security Desk·64w ago