The fourth week of March 2025 has brought significant developments in mobile security and malware, with critical...
CVSS
A high-severity vulnerability (CVE-2025-26733) has been identified in the Shinetheme Traveler WordPress theme, affecting versions up to...
A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-26873, has been disclosed in the Shinetheme Traveler...
A critical SQL injection vulnerability (CVE-2025-26898) has been identified in the Shinetheme Traveler WordPress theme, affecting versions...
A high-severity vulnerability (CVE-2025-30232) has been identified in Exim mail servers, affecting versions 4.96 through 4.98.1. The...
A high-severity open redirect vulnerability (CVE-2025-24381) has been identified in Dell Unity storage systems running versions 5.4...
A critical vulnerability (CVE-2025-2294) has been identified in the Kubio AI Page Builder plugin for WordPress, affecting...
Security teams worldwide must stay updated on the latest detection rules and emerging threats to defend against...
A critical zero-day vulnerability (CVE-2024-3400) in Palo Alto Networks’ PAN-OS firewalls has been actively exploited since at...
A newly identified threat, Trojan.W97M.CVE202140444.A, exploits a critical Microsoft Office vulnerability (CVE-2021-40444) to execute remote code through...
Critical OpenSSH Vulnerabilities CVE-2024-6387 and CVE-2024-6409: Analysis and Mitigation Strategies
Critical OpenSSH Vulnerabilities CVE-2024-6387 and CVE-2024-6409: Analysis and Mitigation Strategies
Two critical vulnerabilities in OpenSSH—CVE-2024-6387 (dubbed “regreSSHion”) and CVE-2024-6409—pose significant risks to Linux systems running vulnerable versions....
A newly disclosed critical vulnerability (CVE-2025-1097) in Kubernetes’ Ingress-Nginx controller enables attackers to execute arbitrary code and...
A newly discovered high-severity vulnerability (CVE-2025-1098) in Kubernetes’ Ingress-Nginx controller allows attackers to execute arbitrary code and...
A critical security vulnerability (CVE-2025-1974) in Kubernetes’ ingress-nginx controller has been disclosed, allowing unauthenticated attackers with pod...
A newly disclosed high-severity vulnerability (CVE-2025-24514) in Kubernetes’ ingress-nginx controller enables attackers to execute arbitrary code and...
A newly discovered critical vulnerability (CVE-2025-2726) affecting multiple H3C Magic series routers allows remote attackers to execute...
A critical security vulnerability (CVE-2025-2727) has been identified in H3C Magic NX30 Pro routers running firmware versions...
A critical vulnerability (CVE-2025-2729) has been identified in multiple H3C Magic series routers, exposing them to remote...
A critical security vulnerability affecting multiple H3C Magic series routers has been identified, allowing remote attackers to...
A new open-source security tool called ModTracer provides critical visibility into Linux Kernel Module (LKM) rootkits that...
