vulnerabilities

4 days ago

MICI NetFax Server Flaws Allow Attackers to Execute Remote Code

In a recent security advisory, Rapid7 has disclosed three severe vulnerabilities in MICI Network Co., Ltd’s NetFax Server, affecting all…
Read More »
5 days ago

UTG-Q-015 Hackers Launch Massive Brute-Force Attacks on Government Web Servers

The hacker group UTG-Q-015, first identified in December 2024 for mounting attacks on major websites like CSDN, has escalated its…
Read More »
5 days ago

Cybercriminals Are Turning Ordinary Citizens Into Money Mules in a New ‘Rent-a-Bank-Account’ Scam

Cybercriminals are exploiting vulnerable individuals by transforming them into unwitting money mules through a sophisticated fraud known as the ‘rent-a-bank-account’…
Read More »
7 days ago

Mozilla Quickly Fixes Firefox Vulnerabilities from Pwn2Own 2025 with Urgent Patches

At this year’s Pwn2Own Berlin, security researchers successfully demonstrated two new zero-day exploits against Mozilla Firefox, targeting the browser’s content…
Read More »
1 week ago

Meteobridge web interface Vulnerability Let Attackers Inject Commands Remotely

ONEKEY Research Lab has uncovered a severe command injection vulnerability in the MeteoBridge firmware, a compact device designed to connect…
Read More »
1 week ago

Severe vBulletin Flaw Allows Remote Code Execution by Attackers

A newly discovered vulnerability in vBulletin, one of the world’s most popular commercial forum platforms, has highlighted the dangers of…
Read More »
1 week ago

Chinese Nexus Hackers Exploit Ivanti Endpoint Manager Mobile Vulnerability

Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager Mobile (EPMM) version 12.5.0.0 and earlier.…
Read More »
1 week ago

Threat Actor Sells Burger King Backup System RCE Vulnerability for $4,000

A threat actor known as #LongNight has reportedly put up for sale remote code execution (RCE) access to Burger King…
Read More »
1 week ago

Zero-Trust Policy Bypass Enables Exploitation of Vulnerabilities and Manipulation of NHI Secrets

A new project has exposed a critical attack vector that exploits protocol vulnerabilities to disrupt DNS infrastructure, manipulate Non-Human Identity…
Read More »
2 weeks ago

CefSharp Enumeration Tool Identifies Critical Security Issues in .NET Desktop Applications

Cybersecurity researchers and red teamers, a newly released tool named CefEnum is shedding light on critical security flaws in .NET-based…
Read More »