CVE News

Pennsylvania Attorney General’s Office Disrupted by Citrix NetScaler Exploit

CVE News

Pennsylvania Attorney General’s Office Disrupted by Citrix NetScaler Exploit

The Pennsylvania Attorney General’s Office (AGO) has confirmed a cyberattack that disrupted critical systems, including email services,...

Windows 11 August 2025 Updates: Security Patches and New Features

CVE News

Windows 11 August 2025 Updates: Security Patches and New Features

Microsoft has released cumulative updates KB5063878 and KB5063875 for Windows 11 versions 24H2 and 23H2, addressing 107...

Microsoft August 2025 Patch Tuesday: Zero-Day in Windows Kerberos Among 107 Flaws

CVE News

Microsoft August 2025 Patch Tuesday: Zero-Day in Windows Kerberos Among 107 Flaws

Microsoft’s August 2025 Patch Tuesday addresses 107 security vulnerabilities, including one actively exploited zero-day in Windows Kerberos....

Over 3,000 NetScaler Devices Remain Unpatched Against CitrixBleed 2 Vulnerability

CVE News

Over 3,000 NetScaler Devices Remain Unpatched Against CitrixBleed 2 Vulnerability

As of August 2025, more than 3,300 Citrix NetScaler devices remain vulnerable to CitrixBleed 2 (CVE-2025-5777), a...

Over 29,000 Unpatched Exchange Servers at Risk of Domain Compromise via CVE-2025-53786

CVE News

Over 29,000 Unpatched Exchange Servers at Risk of Domain Compromise via CVE-2025-53786

More than 29,000 Microsoft Exchange servers remain vulnerable to CVE-2025-53786, a high-severity flaw (CVSS 8.0) that enables...

WinRAR Zero-Day Exploited in Phishing Attacks to Deploy RomCom Malware

CVE News

WinRAR Zero-Day Exploited in Phishing Attacks to Deploy RomCom Malware

A critical WinRAR vulnerability, tracked as CVE-2025-8088, was actively exploited as a zero-day in phishing campaigns to...

CrushFTP Zero-Day Exploited for Unauthenticated Admin Access: Technical Breakdown

CVE News

CrushFTP Zero-Day Exploited for Unauthenticated Admin Access: Technical Breakdown

Administrators and security teams are urged to patch CrushFTP servers immediately following active exploitation of a critical...

Gigabyte Motherboard UEFI Vulnerabilities Expose Systems to Persistent Bootkit Malware

CVE News

Gigabyte Motherboard UEFI Vulnerabilities Expose Systems to Persistent Bootkit Malware

Security researchers have identified critical vulnerabilities in Gigabyte motherboards that allow attackers to bypass Secure Boot and...

Critical Pre-Auth RCE Exploit Released for Fortinet FortiWeb: Patch Immediately

CVE News

Critical Pre-Auth RCE Exploit Released for Fortinet FortiWeb: Patch Immediately

Proof-of-concept (PoC) exploits for a critical SQL injection (SQLi) vulnerability in Fortinet FortiWeb have been publicly released,...

Gravity Forms Compromised in Supply-Chain Attack: Backdoored Plugins Distributed via Official Website

CVE News

Gravity Forms Compromised in Supply-Chain Attack: Backdoored Plugins Distributed via Official Website

The developers of Gravity Forms, a widely used WordPress plugin with over 1 million active installations, have...

OpenVSX Zero-Day Vulnerability: How a Single Flaw Threatened Millions of Developer Environments

CVE News

OpenVSX Zero-Day Vulnerability: How a Single Flaw Threatened Millions of Developer Environments

A critical vulnerability in OpenVSX, the open-source extension marketplace used by popular VS Code forks like Cursor...

PerfektBlue Bluetooth Vulnerabilities Expose Critical Automotive Systems to Remote Attacks

CVE News

PerfektBlue Bluetooth Vulnerabilities Expose Critical Automotive Systems to Remote Attacks

Four vulnerabilities in OpenSynergy’s BlueSDK Bluetooth stack, collectively dubbed PerfektBlue, have been identified as affecting vehicles from...

Windows 11 KB5062553 & KB5062552 Updates: Security Fixes and Enterprise Impact

CVE News

Windows 11 KB5062553 & KB5062552 Updates: Security Fixes and Enterprise Impact

Microsoft has released two critical cumulative updates for Windows 11 – KB5062553 for version 24H2 and KB5062552...

Microsoft’s July 2025 Patch Tuesday Addresses 137 Vulnerabilities Including Critical WebDAV Zero-Day

CVE News

Microsoft’s July 2025 Patch Tuesday Addresses 137 Vulnerabilities Including Critical WebDAV Zero-Day

Microsoft’s July 2025 Patch Tuesday has released security updates addressing 137 vulnerabilities across its product line, including...

Brother Printer Vulnerability: Unpatchable Default Admin Password Flaw Affects 689 Models

CVE News

Brother Printer Vulnerability: Unpatchable Default Admin Password Flaw Affects 689 Models

A critical vulnerability affecting 689 Brother printer models, along with devices from Fujifilm, Toshiba, and Konica Minolta,...

Cisco ISE and ISE-PIC Vulnerabilities: Critical RCE Flaws Require Immediate Patching

CVE News

Cisco ISE and ISE-PIC Vulnerabilities: Critical RCE Flaws Require Immediate Patching

Cisco has issued an urgent security advisory regarding two critical remote code execution (RCE) vulnerabilities affecting its...

Critical Privilege Escalation Vulnerability in WordPress Motors Theme Actively Exploited

CVE News

Critical Privilege Escalation Vulnerability in WordPress Motors Theme Actively Exploited

A critical privilege escalation vulnerability (CVE-2025-4322) in the WordPress Motors theme is being actively exploited in the...

CISA Warns of Actively Exploited Linux Kernel Vulnerability (CVE-2024-1086)

CVE News

CISA Warns of Actively Exploited Linux Kernel Vulnerability (CVE-2024-1086)

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about attackers exploiting a high-severity vulnerability...

BeyondTrust Remote Support Vulnerability (CVE-2025-5309): Pre-Auth RCE Analysis

CVE News

BeyondTrust Remote Support Vulnerability (CVE-2025-5309): Pre-Auth RCE Analysis

BeyondTrust has issued critical security updates to address a high-severity Server-Side Template Injection (SSTI) vulnerability in its...

Critical Linux udisks Vulnerability Allows Local Privilege Escalation to Root

CVE News

Critical Linux udisks Vulnerability Allows Local Privilege Escalation to Root

A newly discovered vulnerability in the Linux udisks service (CVE-2025-6019) enables local attackers to escalate privileges to...

Posts pagination

1 2 3 4 … 12 Next

CVE News

Pennsylvania Attorney General’s Office Disrupted by Citrix NetScaler Exploit

Windows 11 August 2025 Updates: Security Patches and New Features

Microsoft August 2025 Patch Tuesday: Zero-Day in Windows Kerberos Among 107 Flaws

Over 3,000 NetScaler Devices Remain Unpatched Against CitrixBleed 2 Vulnerability

Over 29,000 Unpatched Exchange Servers at Risk of Domain Compromise via CVE-2025-53786

WinRAR Zero-Day Exploited in Phishing Attacks to Deploy RomCom Malware

CrushFTP Zero-Day Exploited for Unauthenticated Admin Access: Technical Breakdown

Gigabyte Motherboard UEFI Vulnerabilities Expose Systems to Persistent Bootkit Malware

Critical Pre-Auth RCE Exploit Released for Fortinet FortiWeb: Patch Immediately

Gravity Forms Compromised in Supply-Chain Attack: Backdoored Plugins Distributed via Official Website

OpenVSX Zero-Day Vulnerability: How a Single Flaw Threatened Millions of Developer Environments

PerfektBlue Bluetooth Vulnerabilities Expose Critical Automotive Systems to Remote Attacks

Windows 11 KB5062553 & KB5062552 Updates: Security Fixes and Enterprise Impact

Microsoft’s July 2025 Patch Tuesday Addresses 137 Vulnerabilities Including Critical WebDAV Zero-Day

Brother Printer Vulnerability: Unpatchable Default Admin Password Flaw Affects 689 Models

Cisco ISE and ISE-PIC Vulnerabilities: Critical RCE Flaws Require Immediate Patching

Critical Privilege Escalation Vulnerability in WordPress Motors Theme Actively Exploited

CISA Warns of Actively Exploited Linux Kernel Vulnerability (CVE-2024-1086)

BeyondTrust Remote Support Vulnerability (CVE-2025-5309): Pre-Auth RCE Analysis

Critical Linux udisks Vulnerability Allows Local Privilege Escalation to Root

You may have missed

U.S. Sanctions Grinex Crypto-Exchange as Garantex Successor in Crackdown on Ransomware Money Laundering

Meta’s Erroneous Instagram Account Bans: Technical Implications for Security Teams

Supreme Court’s Decision on Mississippi Social Media Age Verification Law: Technical and Legal Implications

Microsoft Resolves Critical Windows Server Cluster and VM Stability Issues