CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks
The Hacker News 13.12.2025 12:33
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a high-severity flaw impacting Sierra Wireless AirLink ALEOS routers to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild.
CVE-2018-4063 (CVSS score: 8.8/9.9) refers to an unrestricted file upload vulnerability that could be exploited to achieve remote code
Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild
The Hacker News 13.12.2025 05:32
Apple on Friday released security updates for iOS, iPadOS, macOS, tvOS, watchOS, visionOS, and its Safari web browser to address two security flaws that it said have been exploited in the wild, one of which is the same flaw that was patched by Google in Chrome earlier this week.
The vulnerabilities are listed below –
CVE-2025-43529 (CVSS score: N/A) – A use-after-free vulnerability in WebKit