Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Motex security patch release for CVE-2025-61932

Security Patch Release
First reported
Last updated
Happening score
H score 57
1 unique sources, 1 articles

Summary

Hide ▲

Motex released a fix for CVE-2025-61932 in Lanscope, addressing a critical on-premises flaw that had already been exploited as a zero-day. The patch narrows the exposed scope because cloud deployments are unaffected. The update matters because Lanscope is widely used in Japan, including by major listed and financial institutions.

Cases

Motex Lanscope exploitation, backdoor activity, and remediation (3)

Related Happenings

Cisco security patch release for CVE-2026-20182

Security Patch Release
First: 14.05.2026 20:45 Last: 14.05.2026 20:45 Sources 1

About this happening: Cisco released **updates** for **CVE-2026-20182**, a **maximum-severity authentication bypass** in **Catalyst SD-WAN Controller/Manager**, after the flaw was **exploited in limite...

Open Happening

PAN-OS User-ID Authentication Portal mitigation guidance (CVE-2026-0300)

Advisory/Mitigation
First: 06.05.2026 09:14 Last: 06.05.2026 09:14 Sources 1

About this happening: Palo Alto Networks issued **mitigation guidance** for **CVE-2026-0300** after the **PAN-OS User-ID Authentication Portal** flaw was reported **exploited in the wild**, leaving pub...

Open Happening

Nginx-ui 2.3.4 patch for CVE-2026-33032

Security Patch Release
First: 15.04.2026 16:00 Last: 15.04.2026 16:00 Sources 1

About this happening: **nginx-ui maintainers** shipped **version 2.3.4** to fix **CVE-2026-33032**, closing a critical security gap for **MCP-enabled** deployments. The patch matters because the flaw c...

Latest development: 15.04.2026 17:45

After Pluto Security disclosed the issue in **March 2026**, the maintainers shipped **version 2.3.4** to address **CVE-2026-33032**. The patch closed the vulnerability in the product's **AI (MCP) integration** before broader exploitation details were reported.

Open Happening

TP-Link security patch release for CVE-2025-15517

Security Patch Release
First: 25.03.2026 13:11 Last: 25.03.2026 13:11 Sources 1

About this happening: **TP-Link** released **security updates** for its **Archer NX** router series to close a critical authentication-bypass flaw that could let attackers upload firmware without loggi...

Open Happening

Citrix security patch release for CVE-2026-3055

Security Patch Release
First: 24.03.2026 07:59 Last: 24.03.2026 07:59 Sources 1

About this happening: Citrix's **NetScaler ADC** and **NetScaler Gateway** updates close **CVE-2026-3055** and **CVE-2026-4368**, including a flaw that could leak sensitive memory from configured appli...

Open Happening

Timeline

  1. 06.11.2025 04:00 1 articles · 6mo ago

    Sophos attributes Lanscope zero-day exploitation to Bronze Butler

    Technical Analysis Update

    Sophos said Bronze Butler, also tracked as Tick, RedBaldKnight, Stalker Panda, and Swirl Typhoon, exploited CVE-2025-61932 as a zero-day in Lanscope in mid-2025 to breach organizations in Japan, deploy Gokcpdoor or Havoc, and use OAED, 7-Zip, remote desktop, file.io, and LimeWire for lateral movement and exfiltration; CISA added the CVE to the Known Exploited Vulnerabilities (KEV) catalog, and JPCERT/CC said domestic organizations may have been affected since as early as April 2025.

    Show sources
    Open in new tab