flaws
-
Iranian APT Groups Intensify Cyberattacks on Critical Infrastructure Amid Rising Geopolitical Tensions
A dramatic escalation in Middle Eastern tensions began last week with Operation Lion’s Roar, a joint U.S.-Iranian military strike on…
Read More » -
Roundcube Flaws Let Attackers Execute Malicious Scripts
Roundcube, a widely used open-source webmail platform, has released critical security updates to address two significant vulnerabilities in its 1.6…
Read More » -
Russian Hackers Launch Attacks on Network Edge Devices in Western Critical Infrastructure
Russian state-sponsored hackers have intensified their attacks on misconfigured network edge devices across Western critical infrastructure, marking a significant shift…
Read More » -
NVIDIA Merlin Vulnerabilities Allows Malicious Code Execution and DoS Attacks
NVIDIA has issued urgent security patches for its Merlin machine learning framework, addressing two high-severity deserialization vulnerabilities that could allow…
Read More » -
Apple Confirms Zero-Day Exploitation in Targeted Attacks on iPhone Users
Apple has recently released critical security patches to address two zero-day vulnerabilities that are being actively exploited on iPhone and…
Read More » -
Zoom Rooms on Windows and macOS Exposed to Privilege Escalation and Data Leakage Flaws
Zoom has released security patches to address two critical vulnerabilities in Zoom Rooms deployments on both Windows and macOS. These…
Read More » -
Avast Antivirus Sandbox Vulnerabilities Allow Privilege Escalation
SAFA researchers uncovered four kernel heap overflow vulnerabilities in Avast Antivirus’s aswSnx.sys driver, designated CVE-2025-13032, affecting versions before 25.3 on…
Read More » -
Qualcomm Alerts Users to Critical Flaws That Compromise the Secure Boot Process
Qualcomm Technologies, Inc. has issued an urgent security bulletin warning customers about multiple critical vulnerabilities affecting millions of devices worldwide.…
Read More » -
Metasploit Releases New Exploit for Fresh FortiWeb 0-Day Vulnerabilities
Rapid7’s Metasploit team has released a new exploit module targeting critical zero-day vulnerabilities in Fortinet’s FortiWeb web application firewall, chaining…
Read More » -
Multiple Django Flaws Could Allow SQL Injection and Denial-of-Service Attacks
The Django development team has released critical security patches addressing two significant vulnerabilities that could expose applications to denial-of-service attacks…
Read More » -
Massive Tata Motors Data Leak Exposes 70+ TB of Sensitive Information
Tata Motors, India’s largest automaker and a major player in the global automotive industry, suffered a catastrophic data exposure that…
Read More » -
Top 10 Best Cloud Workload Protection Platforms (CWPP) in 2025
The cloud landscape in 2025 continues its unprecedented growth, with organizations of all sizes rapidly migrating critical workloads to public,…
Read More » -
Hackers Exploit WordPress Arbitrary Installation Vulnerabilities in the Wild
Cybersecurity firm Wordfence has uncovered a renewed wave of mass exploitation targeting critical vulnerabilities in two popular WordPress plugins, allowing…
Read More » -
Top 10 Best Cloud Penetration Testing Providers in 2025
The rapid migration to cloud environments – AWS, Azure, and GCP being the dominant players continues unabated in 2025. While…
Read More » -
Cisco Desk, IP, and Video Phones Vulnerable to Remote DoS and XSS Attacks
Multiple Cisco desk, IP, and video phones are at risk of remote denial-of-service (DoS) and cross-site scripting (XSS) attacks due…
Read More » -
Hackers Breach F5 Steal BIG-IP Source Code and Secret Vulnerability Data
F5 Networks confirmed that a sophisticated nation-state threat actor infiltrated its systems, exfiltrating proprietary BIG-IP source code and confidential vulnerability…
Read More » -
CISA Issues Alert on Active Exploitation of Microsoft Windows Privilege Escalation Flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a critical privilege escalation vulnerability in Microsoft…
Read More » -
Top 10 Best Supply Chain Risk Management Solutions in 2025
Best Supply Chain Risk Management Solutions In today’s globalized world, managing supply chain risks has become a top priority for…
Read More » -
TOTOLINK X6000R Routers Hit by Three Vulnerabilities Allowing Remote Code Execution
Three critical security flaws were discovered in firmware version V9.4.0cu.1360_B20241207 of the TOTOLINK X6000R router released on March 28, 2025.…
Read More »