patches

August 13, 2025

Adobe’s August 2025 Patch Tuesday Fixes 60 Vulnerabilities Across Multiple Products

Adobe has rolled out its August 2025 Patch Tuesday updates, addressing a total of 60 vulnerabilities across a wide array…
Read More »
August 11, 2025

Win-DoS’ Zero-Click Exploit Could Weaponize Windows Infrastructure for DDoS Attacks

Security researchers have uncovered a “zero-click” denial-of-service chain that can silently turn thousands of Microsoft Windows Domain Controllers (DCs) into…
Read More »
August 9, 2025

Multiple Zero-Day Exploits Discover That Bypass BitLocker, Exposing All Encrypted Data

Microsoft security researchers have uncovered four critical vulnerabilities in Windows BitLocker that could allow attackers with physical access to bypass…
Read More »
August 9, 2025

Linux Kernel Vulnerability Allows Attackers to Gain Full Kernel-Level Control From Chrome Sandbox

August 9, 2025: A severe security vulnerability in the Linux kernel, dubbed CVE-2025-38236, has been uncovered by Google Project Zero…
Read More »
July 30, 2025

Android Banking Malware Masquerades as Government Agencies to Attack Users

Cyble Research and Intelligence Labs (CRIL) has uncovered a sophisticated Android banking trojan dubbed RedHook, which disguises itself as legitimate…
Read More »
July 27, 2025

Microsoft Investigates Leak in Early Warning System Used by Chinese Hackers to Exploit SharePoint Vulnerabilities

Chinese laws requiring vulnerability disclosure to the government create transparency issues and potential conflicts for international cybersecurity efforts. Microsoft is…
Read More »
July 26, 2025

New Gunra Ransomware Targets Windows Systems, Encrypts Files, and Erases Shadow Copies

AhnLab’s Threat Intelligence Platform (TIP) has been instrumental in monitoring ransomware activities across dark web forums and marketplaces. Through its…
Read More »
July 24, 2025

Metasploit Module Released to Exploit SharePoint 0-Day Vulnerabilities

Security researchers have released a Metasploit exploitation module targeting critical zero-day vulnerabilities in Microsoft SharePoint Server, marking a significant escalation…
Read More »
July 21, 2025

Sophos Intercept X for Windows Flaws Enable Arbitrary Code Execution

Sophos has disclosed three critical security vulnerabilities in its Intercept X for Windows endpoint security solution that could allow attackers…
Read More »
July 16, 2025

Lenovo Vantage Flaws Enable Attackers to Gain SYSTEM-Level Privileges

Security researchers at Atredis have uncovered multiple privilege escalation vulnerabilities in Lenovo Vantage, a pre-installed management platform on Lenovo laptops…
Read More »
July 14, 2025

Gigabyte UEFI Firmware Vulnerability Allows Code Execution in SMM Privileged Mode

Critical security vulnerabilities in Gigabyte motherboard firmware have been disclosed that allow attackers to execute arbitrary code in System Management…
Read More »
July 13, 2025

Fortinet FortiWeb Fabric Connector Flaw Enables Remote Code Execution

Security researchers have identified a severe pre-authentication SQL injection vulnerability in Fortinet’s FortiWeb Fabric Connector, designated as CVE-2025-25257, that allows…
Read More »
July 8, 2025

Ivanti Products Connect Secure and Policy Secure Hit by Denial-of-Service Vulnerabilities

Ivanti has released critical security updates for its Connect Secure and Policy Secure products, addressing six medium-severity vulnerabilities that could…
Read More »
July 8, 2025

macOS SMBClient Flaw Enables Remote Code Execution and Kernel Crashes

A critical vulnerability has been discovered in Apple’s macOS SMBClient, exposing millions of users to the risk of remote code…
Read More »
June 18, 2025

Veeam Vulnerabilities Expose Backup Servers to Remote Attacks

Veeam, a leading provider of data protection and backup solutions, disclosed three critical vulnerabilities affecting its widely deployed backup software.…
Read More »
June 17, 2025

BeyondTrust Tools RCE Vulnerability Allows Attackers Execute Arbitrary Code

A newly disclosed vulnerability in BeyondTrust’s Remote Support (RS) and Privileged Remote Access (PRA) products has raised alarms across the…
Read More »
June 15, 2025

Amazon Cloud Cam Flaw Allows Attackers to Intercept and Modify Network Traffic

A critical vulnerability (CVE-2025-6031) has been identified in Amazon Cloud Cam devices, which reached end-of-life (EOL) status in December 2022.…
Read More »
June 14, 2025

Microsoft Defender Spoofing Flaw Enables Privilege Escalation and AD Access

A newly disclosed spoofing vulnerability (CVE-2025-26685) in Microsoft Defender for Identity (MDI) enables unauthenticated attackers to capture Net-NTLM hashes of…
Read More »
June 14, 2025

Spring Framework Flaw Enables Remote File Disclosure via “Content‑Disposition” Header

A medium-severity reflected file download (RFD) vulnerability (CVE-2025-41234) in VMware’s Spring Framework has been patched, affecting multiple versions of the…
Read More »
June 12, 2025

Privilege Escalation in PAN-OS Web Interface Allows Admin Users to Perform Root Actions

Palo Alto Networks disclosed a medium-severity command injection vulnerability on June 11, 2025, designated as CVE-2025-4231, affecting the management web…
Read More »

Previous page Next page