Exploitation

All articles tagged with #exploitation

Jayme Lawson Calls BAFTAs Exploitative, Urges Real Inclusion
entertainment | 1 month ago

Sinners star Jayme Lawson praised Michael B. Jordan and Delroy Lindo for how they handled a slur at the BAFTAs, but she denounced the event as exploitative rather than inclusive, arguing that inviting people into spaces without real safety and resources isn’t true inclusion. She also criticized the BBC for cutting or censoring moments in their coverage (and referenced censorship of a separate “Free Palestine” moment), saying such edits undermine dignity and protection for Black artists who contributed to the night.

Sinners Star Jayme Lawson Calls BAFTA Incident Exploitation, Urges Real Inclusion
entertainment | 1 month ago

Jayme Lawson criticized the BAFTA incident in which a guest with Tourette’s shouted the N-word at Michael B. Jordan and Delroy Lindo, calling it exploitation and urging true inclusion with safety resources; she praised how the onstage duo handled the moment, condemned the BBC and BAFTA for carelessness in coverage, and tied the event to broader issues of dignity, safety, and representation highlighted at the NAACP Image Awards.

Allegations of Captivity and Exploitation in Crispin Glover Lawsuit
legal | 1 month ago

A California lawsuit accuses Crispin Glover of grooming a former model, luring her to Los Angeles, and holding her captive as a live‑in girlfriend for sex and unpaid labor, while allegedly controlling her movements and whereabouts and assaulting her; the plaintiff says she was eventually locked out of his home, leaving her homeless. The suit, filed in Superior Court of California, also alleges battery, fraud and wrongful eviction and seeks unspecified damages. Glover’s representatives deny the allegations, saying he intends to vigorously defend himself and noting that he previously was the victim of an assault by Jane Doe; a restraining order he filed against Jane Doe was later dismissed. The case references a 2024 incident after which LAPD was involved.

CISA Flags Four Actively Exploited Flaws in KEV Update and Urges Patch
security | 1 month ago

CISA added four flaws to the Known Exploited Vulnerabilities catalog due to active exploitation: CVE-2026-2441 (Chrome use-after-free), CVE-2024-7694 (TeamT5 ThreatSonar Anti-Ransomware arbitrary file upload leading to command execution), CVE-2020-7796 (Zimbra Collaboration Server SSRF), and CVE-2008-0015 (Windows Video ActiveX buffer overflow). Google confirms an in-the-wild exploit for CVE-2026-2441; GreyNoise documents about 400 IPs exploiting CVE-2020-7796 across several countries; the CVE-2008-0015 exploit can download additional malware like Dogkild and alter system files/hosts. The TeamT5 exploitation vector remains unclear. Federal agencies are urged to patch by March 10, 2026.

Northern Sweden husband accused of pimping wife to about 120 men
world | 1 month ago

A man in his 60s from northern Sweden is suspected of exploiting his wife by selling sex with her to at least 120 men; in custody since October, he faces aggravated procuring charges, while two men who bought sex from the wife have already been charged and more are likely; Swedish law criminalizes buying sex and procuring it, with sellers treated as exploited; indictment against the husband is set for March 13 and the trial will follow.

CISA Flags VMware vCenter RCE Flaw CVE-2024-37079 as Actively Exploited
security | 2 months ago

CISA added CVE-2024-37079, a critical heap-overflow flaw in Broadcom VMware vCenter Server, to the KEV catalog after evidence of active exploitation; Broadcom patched CVE-2024-37079 (and CVE-2024-37080) in June 2024, with researchers Hao Zheng and Zibo Li linking related DCE/RPC flaws; a Black Hat Asia 2025 presentation notes two additional CVEs (CVE-2024-38812/38813) patched later, and federal agencies must upgrade to the latest version by Feb 13, 2026 to stay protected.

CISA warns four enterprise flaws actively exploited across Versa, Zimbra, Vite, and Prettier
cybersecurity | 2 months ago

CISA has added four actively exploited vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2025-31125 and CVE-2025-34026 affecting Versa software (including the Concerto SD-WAN) via dev-exposure and Traefik misconfig, CVE-2025-68645 in Zimbra Webmail Classic UI (local file inclusion), and a supply-chain issue in eslint-config-prettier (CVE-2025-54313) tied to Prettier. Patches or mitigations exist for affected products; US federal agencies must apply updates or stop using the products by February 12, 2026. The status of ransomware-related exploitation remains unknown.

WatchGuard Fireware OS VPN and Firewall Vulnerabilities Under Active Exploitation
network-security | 3 months ago

WatchGuard has issued patches for a critical VPN security flaw in Fireware OS (CVE-2025-14733) that is actively being exploited in the wild, affecting multiple versions and configurations. Threat actors are targeting affected devices, with indicators of compromise provided. Users are urged to update their systems immediately and follow mitigation steps to prevent exploitation.

Few Farms Join Program to Prevent Farmworker Exploitation
world | 3 months ago

The article discusses the persistent exploitation of farmworkers in the U.S. and highlights the potential of the Fair Food Program, which has improved conditions for workers on participating farms like Pacific Tomato Growers. Despite its success, most farms resist joining due to costs and industry opposition, limiting the program's reach and impact on farmworker rights.

CISA Adds OpenPLC ScadaBR XSS Vulnerability to KEV Amid Exploits
cybersecurity | 4 months ago

CISA has added the actively exploited CVE-2021-26829 XSS vulnerability in OpenPLC ScadaBR to its KEV catalog, highlighting ongoing threats from hacktivist groups like TwoNet, which exploited this flaw in a honeypot to deface a system. The attack involved using default credentials and web application layer exploits, with federal agencies required to patch by December 19, 2025. Additionally, a long-running exploit operation targeting Brazil has been observed, utilizing legitimate cloud infrastructure to evade detection.

Microsoft WSUS Vulnerability Under Active Attack, Urgent Updates Issued
security | 5 months ago

A critical vulnerability in Windows Server Update Services (WSUS), tracked as CVE-2025-59287, is being actively exploited by threat actors across multiple organizations, despite Microsoft releasing an emergency patch. The flaw allows unauthenticated remote code execution, and attackers are conducting reconnaissance and data exfiltration, posing a significant risk to affected servers. Experts warn that the vulnerability's ease of exploitation and the patch's incomplete fix heighten the risk, and urge organizations to apply updates promptly.

Active Exploitation of Critical Windows Server WSUS Vulnerability Prompts Urgent Patch
security | 5 months ago

A critical vulnerability in Microsoft Windows Server Update Services (WSUS), tracked as CVE-2025-59287, has been exploited by attackers shortly after an emergency patch was issued. The flaw allows remote code execution and affects Windows Server versions 2012-2025. Despite Microsoft releasing a fix, security researchers warn that the patch may not fully mitigate the risk, and exploitation activity has been observed, especially targeting exposed WSUS instances. Experts advise organizations to ensure their systems are properly patched and not exposed to the internet to prevent compromise.

Active Exploitation of Cisco IOS Zero-Day Vulnerability Affects Up to 2 Million Devices
technology | 6 months ago

Cisco has disclosed an actively exploited zero-day vulnerability (CVE-2025-20352) in its IOS and IOS XE software, affecting SNMP protocols and allowing remote code execution or DoS attacks. The flaw, rooted in a stack overflow, impacts all versions with SNMP enabled and has been exploited in the wild after attackers compromised administrator credentials. Cisco recommends immediate software updates and offers mitigation strategies, emphasizing the importance of strong credential management and restricted SNMP access.