Explore the latest trends and preventive strategies in information security abuse. Stay updated on cyber threats and safeguard your digital life.
Search across headline titles and summaries.
Background for this topic.
Abuse is any action that deviates from accepted ethical, legal, and professional standards to intentionally harm, manipulate, or exploit information systems and networks. In the context of information security, abuse often manifests as unauthorized activities that disrupt services, invade privacy, or utilize technology, such as computers and networks, for nefarious purposes.
This can include a range of actions from deploying malware to exploit system vulnerabilities, conducting denial of service attacks, to social engineering tactics designed to trick individuals into divulging sensitive information. Abuse in the digital realm poses significant risks to individuals, organizations, and the integrity of the information infrastructure at large.
Weekly headline count for the current query.
A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild
CVE-2025-53770 and CVE-2025-53771 are vulnerabilities in on-premise Microsoft SharePoint Servers that evolved from previously patched flaws, allowing unauthenticated remote code execution through advanced deserialization and ViewState abuse.
Trend Research uncovered misconfigurations in NVIDIA Riva deployments, with two vulnerabilities, CVE-2025-23242 and CVE-2025-23243, contributing to their exposure. These security flaws could lead to unauthorized access, resource abuse, and potential misuse or theft of AI-powered inference services, including speech recognition and text-to-speech processing.
Three days after Ivanti published an advisory about the high-severity vulnerability CVE-2024-8190, threat actors began to abuse the flaw.
Nicknamed ProxyNotShell, a new exploit used in the wild takes advantage of the recently published Microsoft Server-Side Request Forgery (SSRF) vulnerability CVE-2022-41040 and a second vulnerability, CVE-2022-41082 that allows Remote Code Execution (RCE) when PowerShell is available to unidentified attackers
This blog entry details how Trend Micro Cloud One™ – Workload Security and Trend Micro Vision One™ effectively detected and blocked the abuse of the CVE-2020-14882 WebLogic vulnerability in affected endpoints.