September 26, 2025

flaw

Week in review: 300k+ Plex Media Server instances still vulnerable to attack, exploited Git RCE flaw – Help Net Security

Week in review: 300k+ Plex Media Server instances still vulnerable to attack, exploited Git RCE flaw – Help Net Security

ellonjohns012 mins

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158Over 300,000 internet-facing Plex Media Server instances are still vulnerable to attack via CVE-2025-34158, a critical vulnerability for which Plex has issued a fix for earlier this month, Censys has…

Read More
ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs

ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs

ellonjohns011 mins

A high-severity security flaw has been disclosed in ServiceNow’s platform that, if successfully exploited, could result in data exposure and exfiltration. The vulnerability, tracked as CVE-2025-3648 (CVSS score: 8.2), has been described as a case of data inference in Now Platform through conditional access control list (ACL) rules. It has been codenamed Count(er) Strike. “A…

Read More
Week in review: 300k+ Plex Media Server instances still vulnerable to attack, exploited Git RCE flaw – Help Net Security

Week in review: Critical SAP NetWeaver flaw exploited, RSAC 2025 Conference – Help Net Security

ellonjohns010 mins

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: RSAC 2025 ConferenceRSAC 2025 Conference took place at the Moscone Center in San Francisco. Check out our microsite for related news, photos, product releases, and more. Critical SAP NetWeaver flaw exploited by suspected initial access broker (CVE-2025-31324)CVE-2025-31324, a critical vulnerability…

Read More