News

China’s Deep-Sea Electromagnetic Device: Assessing the Threat to Undersea Infrastructure

Threat Intelligence

China’s Deep-Sea Electromagnetic Device: Assessing the Threat to Undersea Infrastructure

Recent reports of a Chinese deep-sea electromagnetic device capable of disrupting global communications and energy networks have...

Europe’s Defense Shift: Implications for U.S. Arms and NATO Relations

News

Europe’s Defense Shift: Implications for U.S. Arms and NATO Relations

The European Union’s push to prioritize locally manufactured weapons under its “Readiness 2030” strategy has raised concerns...

AssetView Vulnerability Exposes Systems to Unauthenticated File Access and Deletion (CVE-2025-25060)

CVE News

AssetView Vulnerability Exposes Systems to Unauthenticated File Access and Deletion (CVE-2025-25060)

A critical vulnerability in AssetView and AssetView CLOUD (CVE-2025-25060) has been disclosed, allowing unauthenticated attackers to access...

Critical Path Traversal Vulnerability in FortiSIEM (CVE-2023-40714) Allows Privilege Escalation

CVE News

Critical Path Traversal Vulnerability in FortiSIEM (CVE-2023-40714) Allows Privilege Escalation

A critical vulnerability (CVE-2023-40714) affecting multiple versions of Fortinet’s FortiSIEM security information and event management solution has...

ROS dynparam YAML Deserialization Vulnerability (CVE-2024-39780) Analysis and Mitigation

CVE News

ROS dynparam YAML Deserialization Vulnerability (CVE-2024-39780) Analysis and Mitigation

A critical vulnerability (CVE-2024-39780) has been identified in the Robot Operating System (ROS) dynparam tool, allowing arbitrary...

Trump’s TikTok Decision: National Security, Ownership, and April 5 Deadline

News

Trump’s TikTok Decision: National Security, Ownership, and April 5 Deadline

Former President Donald Trump is set to meet with senior advisors, including Vice President JD Vance, on...

YesWiki Path Traversal Vulnerability (CVE-2025-31131): Technical Analysis and Mitigation

CVE News

YesWiki Path Traversal Vulnerability (CVE-2025-31131): Technical Analysis and Mitigation

A critical path traversal vulnerability (CVE-2025-31131) has been identified in YesWiki, a PHP-based wiki system, with a...

Critical SQL Injection Vulnerability in Next-Cart Store to WooCommerce Migration Plugin (CVE-2025-30807)

CVE News

Critical SQL Injection Vulnerability in Next-Cart Store to WooCommerce Migration Plugin (CVE-2025-30807)

A critical SQL injection vulnerability (CVE-2025-30807) has been identified in the Next-Cart Store to WooCommerce Migration plugin,...

WpTravelly Plugin Vulnerability Exposes WordPress Sites to Object Injection Attacks

CVE News

WpTravelly Plugin Vulnerability Exposes WordPress Sites to Object Injection Attacks

A high-severity vulnerability (CVE-2025-30892) has been identified in the Magepeople WpTravelly WordPress plugin, exposing websites to potential...

Critical SQL Injection Vulnerability in WooCommerce Order Splitter Plugin (CVE-2025-31089)

CVE News

Critical SQL Injection Vulnerability in WooCommerce Order Splitter Plugin (CVE-2025-31089)

A high-severity SQL injection vulnerability (CVE-2025-31089) has been identified in Fahad Mahmood’s Order Splitter for WooCommerce plugin,...

CVE-2025-31534: Critical SQL Injection Vulnerability in Shopperdotcom Shopper

CVE News

CVE-2025-31534: Critical SQL Injection Vulnerability in Shopperdotcom Shopper

A critical SQL injection vulnerability (CVE-2025-31534) has been identified in the Shopperdotcom Shopper platform, affecting all versions...

Critical SQL Injection Vulnerability in Salesmate Add-On for Gravity Forms (CVE-2025-31551)

CVE News

Critical SQL Injection Vulnerability in Salesmate Add-On for Gravity Forms (CVE-2025-31551)

A critical SQL injection vulnerability (CVE-2025-31551) has been identified in the Salesmate.io Salesmate Add-On for Gravity Forms,...

Critical SQL Injection Vulnerability in RSVPMarker WordPress Plugin (CVE-2025-31552)

CVE News

Critical SQL Injection Vulnerability in RSVPMarker WordPress Plugin (CVE-2025-31552)

A critical SQL injection vulnerability (CVE-2025-31552) has been identified in the RSVPMarker WordPress plugin, affecting versions up...

Critical SQL Injection Vulnerability in Advanced WooCommerce Product Sales Reporting (CVE-2025-31553)

CVE News

Critical SQL Injection Vulnerability in Advanced WooCommerce Product Sales Reporting (CVE-2025-31553)

A critical SQL injection vulnerability (CVE-2025-31553) has been identified in the WPFactory Advanced WooCommerce Product Sales Reporting...

Critical Object Injection Vulnerability in Sabuj Kundu CBX Poll Plugin (CVE-2025-31612)

CVE News

Critical Object Injection Vulnerability in Sabuj Kundu CBX Poll Plugin (CVE-2025-31612)

A critical security vulnerability has been identified in the Sabuj Kundu CBX Poll WordPress plugin, tracked as...

Google Introduces Simplified End-to-End Encryption for Gmail Enterprise Users

News

Google Introduces Simplified End-to-End Encryption for Gmail Enterprise Users

Google has begun rolling out a new end-to-end encryption (E2EE) feature for Gmail enterprise users, streamlining secure...

Facial Recognition and Corporate Bans: The Case of Radio City Music Hall

News

Facial Recognition and Corporate Bans: The Case of Radio City Music Hall

In a striking example of how facial recognition technology is being leveraged for corporate enforcement, a man...

Hong Kong Data Breach: 128,000 Records Exposed Due to System Neglect and Outdated Infrastructure

Data Breach

Hong Kong Data Breach: 128,000 Records Exposed Due to System Neglect and Outdated Infrastructure

A recent data breach affecting nearly 128,000 individuals in Hong Kong has been attributed to a combination...

Oracle’s SaaS Breach Cover-Up Exposed: Evidence Contradicts Denials

Data Breach

Oracle’s SaaS Breach Cover-Up Exposed: Evidence Contradicts Denials

Oracle faces mounting scrutiny after cybersecurity researchers uncovered evidence of a breach in its SaaS infrastructure, contradicting...

National Defense Corporation Ransomware Attack: Breach Disclosed, Ransom Refused

APT-News

National Defense Corporation Ransomware Attack: Breach Disclosed, Ransom Refused

The National Defense Corporation (NDC) has confirmed a ransomware attack targeting its subsidiary AMTEC, a major manufacturer...

Red-Team News

China’s Deep-Sea Electromagnetic Device: Assessing the Threat to Undersea Infrastructure

Europe’s Defense Shift: Implications for U.S. Arms and NATO Relations

AssetView Vulnerability Exposes Systems to Unauthenticated File Access and Deletion (CVE-2025-25060)

Critical Path Traversal Vulnerability in FortiSIEM (CVE-2023-40714) Allows Privilege Escalation

ROS dynparam YAML Deserialization Vulnerability (CVE-2024-39780) Analysis and Mitigation

Trump’s TikTok Decision: National Security, Ownership, and April 5 Deadline

YesWiki Path Traversal Vulnerability (CVE-2025-31131): Technical Analysis and Mitigation

Critical SQL Injection Vulnerability in Next-Cart Store to WooCommerce Migration Plugin (CVE-2025-30807)

WpTravelly Plugin Vulnerability Exposes WordPress Sites to Object Injection Attacks

Critical SQL Injection Vulnerability in WooCommerce Order Splitter Plugin (CVE-2025-31089)

CVE-2025-31534: Critical SQL Injection Vulnerability in Shopperdotcom Shopper

Critical SQL Injection Vulnerability in Salesmate Add-On for Gravity Forms (CVE-2025-31551)

Critical SQL Injection Vulnerability in RSVPMarker WordPress Plugin (CVE-2025-31552)

Critical SQL Injection Vulnerability in Advanced WooCommerce Product Sales Reporting (CVE-2025-31553)

Critical Object Injection Vulnerability in Sabuj Kundu CBX Poll Plugin (CVE-2025-31612)

Google Introduces Simplified End-to-End Encryption for Gmail Enterprise Users

Facial Recognition and Corporate Bans: The Case of Radio City Music Hall

Hong Kong Data Breach: 128,000 Records Exposed Due to System Neglect and Outdated Infrastructure

Oracle’s SaaS Breach Cover-Up Exposed: Evidence Contradicts Denials

National Defense Corporation Ransomware Attack: Breach Disclosed, Ransom Refused

You may have missed

Windows 11 22H2 End of Support: Key Dates and Security Implications

WeTransfer’s AI Training Policy Reversal: A Security and Trust Analysis

The Arctic World Archive: A Cold Storage Solution for Digital Heritage

EE Network Outage: Technical Fault Disrupts Voice Services for Multiple Days