Author: Sergiu Gatlan

News

Cisco IOS XR vulnerability lets attackers crash BGP on routers

By Sergiu GatlanMarch 16, 2025

Cisco has patched a denial of service (DoS) vulnerability that lets attackers crash the Border Gateway Protocol (BGP) process on IOS XR routers with a single BGP update message. IOS XR runs on the company’s carrier-grade, Network Convergence System (NCS), and Carrier Routing System (CRS) series of routers, such as the ASR 9000, NCS 5500, and 8000 series. This high-severity flaw (tracked as CVE-2025-20115) was found in the confederation implementation for the Border Gateway Protocol (BGP), and it only affects Cisco IOS XR devices if BGP confederation is configured. Successful exploitation allows unauthenticated attackers to take down vulnerable devices remotely in low-complexity attacks by causing memory…

microsoft

Week-long Exchange Online outage causes email failures, delays

By Sergiu GatlanMarch 15, 2025

Microsoft says it partially mitigated a week-long Exchange Online outage causing delays or failures when sending or receiving email messages. While the company didn’t publicly share information on this incident, it tagged it as a critical service issue tracked under EX1027675 on the Microsoft 365 Admin Center. Microsoft has yet to share more information on what regions were affected by this outage, but it said the incident impacted “any user serviced by the impacted portion of infrastructure.” Customers worldwide also reported experiencing email delivery failures over the last week, with those impacted saying they were receiving a Non-Delivery Report (NDR)…

Gaming

Juniper patches bug that let Chinese cyberspies backdoor routers

By Sergiu GatlanMarch 13, 2025

Juniper Networks has released emergency security updates to patch a Junos OS vulnerability exploited by Chinese hackers to backdoor routers for stealthy access. This medium severity flaw (CVE-2025-21590) was reported by Amazon security engineer Matteo Memelli and is caused by an improper isolation or compartmentalization weakness. Successful exploitation lets local attackers with high privileges execute arbitrary code on vulnerable routers to compromise the devices’ integrity. “At least one instance of malicious exploitation (not at Amazon) has been reported to the Juniper SIRT. Customers are encouraged to upgrade to a fixed release as soon as it’s available and in the meantime take steps…

Apple

Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks

By Sergiu GatlanMarch 12, 2025

Apple has released emergency security updates to patch a zero-day bug the company describes as exploited in “extremely sophisticated” attacks. The vulnerability is tracked as CVE-2025-24201 and was found in the WebKit cross-platform web browser engine used by Apple’s Safari web browser and many other apps and web browsers on macOS, iOS, Linux, and Windows. “This is a supplementary fix for an attack that was blocked in iOS 17.2,” the iPhone maker said in security advisories issued on Tuesday. “Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted…

What's Hot

Why Wheel of Time’s Josha Stradowski sees season 3 Rand as Mike Tyson

New SuperBlack ransomware exploits Fortinet auth bypass flaws

Gears of War: E-Day Co-Developer People Can Fly Signs New Project With Sony, Codenamed Project Delta

Author: Sergiu Gatlan

Cisco IOS XR vulnerability lets attackers crash BGP on routers

Week-long Exchange Online outage causes email failures, delays

Juniper patches bug that let Chinese cyberspies backdoor routers

Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks

Our Picks

Dungeon RNG codes (March 2025) [SkillTree]

AYANEO’s next flagship gaming handheld is coming soon

Starfield To Have “Lots of Things Planned” For This Year