CISA Adds 3 D-Link Router Flaws to KEV Catalog After Active Exploitation Reports

Threat Score:
56
The Hacker News
1 day ago

Overview

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesdayaddedthree old security flaws impacting D-Link Wi-Fi cameras and video recorders to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild. The high-severity vulnerabilities, which are from 2020 and 2022, are listed below - CVE-2020-25078(CVSS score: 7.5) - An unspecified vulnerability in D-Link DCS-2530L and DCS-2670L devices that could allow for remote administrator passw...

Related Articles

5 articles
3

Trend Micro fixes two actively exploited Apex One RCE flaws

Security Affairs 13 hours ago

Trend Micro patched two critical Apex One flaws (CVE-2025-54948, CVE-2025-54987) exploited in the wild, allowing RCE via console injection. Trend Micro released fixes for two critical vulnerabilities, tracked as CVE-2025-54948 and CVE-2025-54987 (CVSS score of 9.4), in Apex One on-prem consoles. The cybersecurity vendor confirmed that both issues were actively exploited in the wild. Both […]

Score
78
Read more
5

Akira and Lynx Ransomware Attacking Managed Service Providers With Stolen Login Credential and Vulnerabilities

Cybersecurity News 9 hours ago

Two sophisticated ransomware operations have emerged as significant threats to managed service providers (MSPs) and small businesses, with the Akira and Lynx groups deploying advanced attack techniques that combine stolen credentials with vulnerability exploitation. These ransomware-as-a-service (RaaS) operations have collectively compromised over 365 organizations, demonstrating their effectiveness in targeting high-value infrastructure providers that serve multiple […]

Score
76
Read more