patches
- Docker Releases Free, Production-Grade Hardened Container Images
In a significant move to enhance software supply chain security, Docker has made its production-grade hardened container images available as…
- PoC Exploit Released for Use-After-Free Vulnerability in Linux Kernel POSIX CPU Timers
A newly discovered vulnerability in the Linux kernel’s POSIX CPU timers has been exposed, with a detailed proof-of-concept demonstrating one…
- Roundcube Flaws Let Attackers Execute Malicious Scripts
Roundcube, a widely used open-source webmail platform, has released critical security updates to address two significant vulnerabilities in its 1.6…
- Microsoft Patches MSMQ Flaw That Affects IIS Web Servers
Microsoft has issued an emergency security update to fix a critical vulnerability in the Message Queuing (MSMQ) feature, which affects…
- Hackers Actively Exploit SonicWall SMA1000 Zero-Day to Escalate Privileges
SonicWall has released an urgent security advisory regarding the active exploitation of a local privilege escalation vulnerability affecting its SMA1000…
- Microsoft Desktop Window Manager Flaw Allows Privilege Escalation
A critical vulnerability has been identified in the Windows Desktop Window Manager (DWM) that could potentially allow attackers to escalate…
- CISA Alerts on Apple WebKit Zero-Day Actively Used in Cyberattacks
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical zero-day vulnerability affecting multiple Apple products to its Known…
- NVIDIA Merlin Vulnerabilities Allow Malicious Code Execution and DoS Attacks
NVIDIA has issued urgent security patches for its Merlin machine learning framework, addressing two high-severity deserialization vulnerabilities that could allow…
- Apple Confirms Zero-Day Exploitation in Targeted Attacks on iPhone Users
Apple has recently released critical security patches to address two zero-day vulnerabilities that are being actively exploited on iPhone and…
- Surge in Attacks Targeting RSC-Enabled Services Worldwide
In December 2025, CVE-2025-55182 (React2Shell), a vulnerability in React Server Components (RSC) that enables remote code execution (RCE), was publicly…
- Notepad++ Flaw Allows Attackers to Hijack Update Traffic and Deploy Malware
A critical security flaw in the popular text editor Notepad++ has been addressed with the release of version 8.8.9, which…
- 644K+ Websites at Risk Due to Critical React Server Components Flaw
A critical vulnerability known as “React2Shell” has been identified by the Shadowserver Foundation, posing a significant threat to a massive…
- High-Risk Ivanti EPM Vulnerability Opens Door to Admin Session Hijacking
A critical stored cross-site scripting (XSS) vulnerability has been discovered in Ivanti Endpoint Manager (EPM), allowing unauthenticated attackers to hijack…
- Zoom Rooms on Windows and macOS Exposed to Privilege Escalation and Data Leakage Flaws
Zoom has released security patches to address two critical vulnerabilities in Zoom Rooms deployments on both Windows and macOS. These…
- CISA Issues Alert on Actively Exploited Android Zero-Day Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has added two critical Android Framework vulnerabilities to its Known Exploited Vulnerabilities (KEV)…
- Qualcomm Alerts Users to Critical Flaws That Compromise the Secure Boot Process
Qualcomm Technologies, Inc. has issued an urgent security bulletin warning customers about multiple critical vulnerabilities affecting millions of devices worldwide.…