Red-Team

Critical Kubernetes Ingress-Nginx Vulnerability (CVE-2025-24514) Exposes Clusters to RCE & Secret Theft

CVE News

Critical Kubernetes Ingress-Nginx Vulnerability (CVE-2025-24514) Exposes Clusters to RCE & Secret Theft

A newly disclosed high-severity vulnerability (CVE-2025-24514) in Kubernetes’ ingress-nginx controller enables attackers to execute arbitrary code and...

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2726) Puts Networks at Risk

CVE News

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2726) Puts Networks at Risk

A newly discovered critical vulnerability (CVE-2025-2726) affecting multiple H3C Magic series routers allows remote attackers to execute...

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2728) Puts Networks at Risk

CVE News

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2728) Puts Networks at Risk

A critical command injection vulnerability (CVE-2025-2728) affecting H3C Magic NX30 Pro and NX400 routers has been identified,...

Critical Command Injection Vulnerability in H3C Magic NX30 Pro Routers (CVE-2025-2727)

CVE News

Critical Command Injection Vulnerability in H3C Magic NX30 Pro Routers (CVE-2025-2727)

A critical security vulnerability (CVE-2025-2727) has been identified in H3C Magic NX30 Pro routers running firmware versions...

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2729): What Security Teams Need to Know

CVE News

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2729): What Security Teams Need to Know

A critical vulnerability (CVE-2025-2729) has been identified in multiple H3C Magic series routers, exposing them to remote...

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2732): What Security Teams Need to Know

CVE News

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2732): What Security Teams Need to Know

A critical security vulnerability affecting multiple H3C Magic series routers has been identified, allowing remote attackers to...

Imperius: Exposing Hidden Linux Kernel Rootkits for Security Teams

Red-Team

Imperius: Exposing Hidden Linux Kernel Rootkits for Security Teams

A new tool called Imperius has emerged, designed to detect and expose Linux Kernel Module (LKM) rootkits...

Bug Bounty Programs: The Complete Guide to Vulnerability Hunting

Bug Bounties & Responsible Disclosure

Bug Bounty Programs: The Complete Guide to Vulnerability Hunting

Bug bounty programs have become a proven strategy for strengthening system security through collaboration with external researchers....

Red Team Simulations and Physical Pentesting: Strengthening Organizational Resilience

Red-Team

Red Team Simulations and Physical Pentesting: Strengthening Organizational Resilience

In an era of evolving cyber threats, organizations are adopting realistic methods to test their defenses. Red...

CVE-2024-7344: Critical UEFI Secure Boot Bypass Vulnerability Exposed

CVE News

CVE-2024-7344: Critical UEFI Secure Boot Bypass Vulnerability Exposed

Summary for CISOs: A critical vulnerability (CVE-2024-7344) in UEFI Secure Boot allows attackers to bypass security checks...

Critical Authentication Bypass in Kentico Xperience CMS (CVE-2025-2747)

CVE News

Critical Authentication Bypass in Kentico Xperience CMS (CVE-2025-2747)

A critical authentication bypass vulnerability (CVE-2025-2747) has been identified in Kentico Xperience CMS, affecting versions through 13.0.178....

CVE-2025-2683: Critical SQL Injection in PHPGurukul Bank Locker Management System

CVE News

CVE-2025-2683: Critical SQL Injection in PHPGurukul Bank Locker Management System

Summary A critical SQL injection vulnerability (CVE-2025-2683) has been discovered in PHPGurukul’s Bank Locker Management System version...

Critical Unrestricted File Upload Vulnerability in PHPGurukul eLearning System (CVE-2025-2687)

CVE News

Critical Unrestricted File Upload Vulnerability in PHPGurukul eLearning System (CVE-2025-2687)

A critical vulnerability (CVE-2025-2687) has been discovered in PHPGurukul eLearning System 1.0, affecting its Image Handler component....

Critical Yii2 Framework Vulnerability (CVE-2025-2690): Remote Code Execution Risk

CVE News

Critical Yii2 Framework Vulnerability (CVE-2025-2690): Remote Code Execution Risk

A critical deserialization vulnerability (CVE-2025-2690) has been discovered in the Yii2 PHP framework, allowing remote code execution....

ManageEngine ADSelfService Plus Session Hijacking Vulnerability Patched (CVE-2025-1723)

Blue-Team
CVE News

ManageEngine ADSelfService Plus Session Hijacking Vulnerability Patched (CVE-2025-1723)

Zoho Corporation has addressed a medium-severity authentication vulnerability (CVE-2025-1723) in ManageEngine ADSelfService Plus versions 6510 and earlier....

Critical VMware Vulnerabilities Patched: NCSC-2025-0073 Advisory on ESXi, Workstation, and Fusion Risks

CVE News

Critical VMware Vulnerabilities Patched: NCSC-2025-0073 Advisory on ESXi, Workstation, and Fusion Risks

Broadcom has addressed multiple high-severity vulnerabilities in VMware ESXi, Workstation, and Fusion products, as detailed in NCSC...

IBM Storage Products Patched for Critical Authentication Bypass and RCE Vulnerabilities

CVE News

IBM Storage Products Patched for Critical Authentication Bypass and RCE Vulnerabilities

Summary: IBM has addressed critical security vulnerabilities in its enterprise storage products, including authentication bypass (CVE-2025-0159) and...

SAP Patches Critical Vulnerabilities in Commerce, NetWeaver, and BusinessObjects Components

CVE News

SAP Patches Critical Vulnerabilities in Commerce, NetWeaver, and BusinessObjects Components

SAP has released security updates addressing multiple vulnerabilities across its software portfolio, including SAP Commerce, SAP NetWeaver,...

Critical PipeCD Vulnerability (CVE-2024-53351): Authorization Bypass Exposes Deployment Pipelines

CVE News

Critical PipeCD Vulnerability (CVE-2024-53351): Authorization Bypass Exposes Deployment Pipelines

A critical authorization bypass vulnerability (CVE-2024-53351) has been discovered in PipeCD v0.49, allowing attackers to access service...

High-Severity SQL Injection Vulnerability in Flickr Set Slideshows (CVE-2025-30590)

CVE News

High-Severity SQL Injection Vulnerability in Flickr Set Slideshows (CVE-2025-30590)

A critical SQL injection vulnerability (CVE-2025-30590) has been discovered in the Dourou Flickr set slideshows plugin, affecting...

Posts pagination

Previous 1 … 10 11 12 13 14 15 16 Next

Red-Team

Critical Kubernetes Ingress-Nginx Vulnerability (CVE-2025-24514) Exposes Clusters to RCE & Secret Theft

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2726) Puts Networks at Risk

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2728) Puts Networks at Risk

Critical Command Injection Vulnerability in H3C Magic NX30 Pro Routers (CVE-2025-2727)

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2729): What Security Teams Need to Know

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2732): What Security Teams Need to Know

Imperius: Exposing Hidden Linux Kernel Rootkits for Security Teams

Bug Bounty Programs: The Complete Guide to Vulnerability Hunting

Red Team Simulations and Physical Pentesting: Strengthening Organizational Resilience

CVE-2024-7344: Critical UEFI Secure Boot Bypass Vulnerability Exposed

Critical Authentication Bypass in Kentico Xperience CMS (CVE-2025-2747)

CVE-2025-2683: Critical SQL Injection in PHPGurukul Bank Locker Management System

Critical Unrestricted File Upload Vulnerability in PHPGurukul eLearning System (CVE-2025-2687)

Critical Yii2 Framework Vulnerability (CVE-2025-2690): Remote Code Execution Risk

ManageEngine ADSelfService Plus Session Hijacking Vulnerability Patched (CVE-2025-1723)

Critical VMware Vulnerabilities Patched: NCSC-2025-0073 Advisory on ESXi, Workstation, and Fusion Risks

IBM Storage Products Patched for Critical Authentication Bypass and RCE Vulnerabilities

SAP Patches Critical Vulnerabilities in Commerce, NetWeaver, and BusinessObjects Components

Critical PipeCD Vulnerability (CVE-2024-53351): Authorization Bypass Exposes Deployment Pipelines

High-Severity SQL Injection Vulnerability in Flickr Set Slideshows (CVE-2025-30590)

You may have missed

Google Issues Workarounds for ChromeOS Authentication Failures in Enterprise Environments

Microsoft Word’s Cloud-Centric Default: Security Implications and Enterprise Management Challenges

Passwordstate Authentication Bypass: A History of High-Severity Flaws and Hardening

Global Law Enforcement Intensifies Crackdown on Cybercrime Enablers with VerifTools Takedown