CVSS

Critical LFI Vulnerability in Kubio AI Page Builder for WordPress (CVE-2025-2294)

CVE News

Critical LFI Vulnerability in Kubio AI Page Builder for WordPress (CVE-2025-2294)

A critical vulnerability (CVE-2025-2294) has been identified in the Kubio AI Page Builder plugin for WordPress, affecting...

March 2025 Threat Intelligence Update: YARA, Snort Rules, and Emerging Ransomware Threats

Threat Intelligence

March 2025 Threat Intelligence Update: YARA, Snort Rules, and Emerging Ransomware Threats

Security teams worldwide must stay updated on the latest detection rules and emerging threats to defend against...

Critical Zero-Day Exploit in Palo Alto GlobalProtect Firewalls (CVE-2024-3400) Actively Exploited

CVE News

Critical Zero-Day Exploit in Palo Alto GlobalProtect Firewalls (CVE-2024-3400) Actively Exploited

A critical zero-day vulnerability (CVE-2024-3400) in Palo Alto Networks’ PAN-OS firewalls has been actively exploited since at...

Trojan.W97M.CVE202140444.A: Analyzing the Microsoft Office Exploit That Enables Remote Code Execution

CVE News

Trojan.W97M.CVE202140444.A: Analyzing the Microsoft Office Exploit That Enables Remote Code Execution

A newly identified threat, Trojan.W97M.CVE202140444.A, exploits a critical Microsoft Office vulnerability (CVE-2021-40444) to execute remote code through...

Critical OpenSSH Vulnerabilities CVE-2024-6387 and CVE-2024-6409: Analysis and Mitigation Strategies

CVE News

Critical OpenSSH Vulnerabilities CVE-2024-6387 and CVE-2024-6409: Analysis and Mitigation Strategies

Two critical vulnerabilities in OpenSSH—CVE-2024-6387 (dubbed “regreSSHion”) and CVE-2024-6409—pose significant risks to Linux systems running vulnerable versions....

Critical Kubernetes Ingress-Nginx Vulnerability Exposes Clusters to RCE and Secret Theft (CVE-2025-1097)

CVE News

Critical Kubernetes Ingress-Nginx Vulnerability Exposes Clusters to RCE and Secret Theft (CVE-2025-1097)

A newly disclosed critical vulnerability (CVE-2025-1097) in Kubernetes’ Ingress-Nginx controller enables attackers to execute arbitrary code and...

Critical Kubernetes Ingress-Nginx Vulnerability (CVE-2025-1098) Exposes Clusters to RCE and Secret Theft

CVE News

Critical Kubernetes Ingress-Nginx Vulnerability (CVE-2025-1098) Exposes Clusters to RCE and Secret Theft

A newly discovered high-severity vulnerability (CVE-2025-1098) in Kubernetes’ Ingress-Nginx controller allows attackers to execute arbitrary code and...

Critical Kubernetes Ingress-Nginx Vulnerability (CVE-2025-1974) Exposes Clusters to Remote Code Execution

CVE News

Critical Kubernetes Ingress-Nginx Vulnerability (CVE-2025-1974) Exposes Clusters to Remote Code Execution

A critical security vulnerability (CVE-2025-1974) in Kubernetes’ ingress-nginx controller has been disclosed, allowing unauthenticated attackers with pod...

Critical Kubernetes Ingress-Nginx Vulnerability (CVE-2025-24514) Exposes Clusters to RCE & Secret Theft

CVE News

Critical Kubernetes Ingress-Nginx Vulnerability (CVE-2025-24514) Exposes Clusters to RCE & Secret Theft

A newly disclosed high-severity vulnerability (CVE-2025-24514) in Kubernetes’ ingress-nginx controller enables attackers to execute arbitrary code and...

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2726) Puts Networks at Risk

CVE News

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2726) Puts Networks at Risk

A newly discovered critical vulnerability (CVE-2025-2726) affecting multiple H3C Magic series routers allows remote attackers to execute...

Critical Command Injection Vulnerability in H3C Magic NX30 Pro Routers (CVE-2025-2727)

CVE News

Critical Command Injection Vulnerability in H3C Magic NX30 Pro Routers (CVE-2025-2727)

A critical security vulnerability (CVE-2025-2727) has been identified in H3C Magic NX30 Pro routers running firmware versions...

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2729): What Security Teams Need to Know

CVE News

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2729): What Security Teams Need to Know

A critical vulnerability (CVE-2025-2729) has been identified in multiple H3C Magic series routers, exposing them to remote...

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2732): What Security Teams Need to Know

CVE News

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2732): What Security Teams Need to Know

A critical security vulnerability affecting multiple H3C Magic series routers has been identified, allowing remote attackers to...

ModTracer: Open-Source Tool Detects Hidden Linux Kernel Rootkits

Security Tools & Research

ModTracer: Open-Source Tool Detects Hidden Linux Kernel Rootkits

A new open-source security tool called ModTracer provides critical visibility into Linux Kernel Module (LKM) rootkits that...

RomCom APT Exploits Firefox and Windows Zero-Days in Stealthy Cyberattacks

APT-News

RomCom APT Exploits Firefox and Windows Zero-Days in Stealthy Cyberattacks

Summary for Security Leadership The Russia-aligned RomCom APT group (also tracked as Storm-0978 or UNC2596) has been...

CVE-2024-7344: Critical UEFI Secure Boot Bypass Vulnerability Exposed

CVE News

CVE-2024-7344: Critical UEFI Secure Boot Bypass Vulnerability Exposed

Summary for CISOs: A critical vulnerability (CVE-2024-7344) in UEFI Secure Boot allows attackers to bypass security checks...

Critical Authentication Bypass in Kentico Xperience CMS (CVE-2025-2747)

CVE News

Critical Authentication Bypass in Kentico Xperience CMS (CVE-2025-2747)

A critical authentication bypass vulnerability (CVE-2025-2747) has been identified in Kentico Xperience CMS, affecting versions through 13.0.178....

CVE-2025-2683: Critical SQL Injection in PHPGurukul Bank Locker Management System

CVE News

CVE-2025-2683: Critical SQL Injection in PHPGurukul Bank Locker Management System

Summary A critical SQL injection vulnerability (CVE-2025-2683) has been discovered in PHPGurukul’s Bank Locker Management System version...

Critical Unrestricted File Upload Vulnerability in PHPGurukul eLearning System (CVE-2025-2687)

CVE News

Critical Unrestricted File Upload Vulnerability in PHPGurukul eLearning System (CVE-2025-2687)

A critical vulnerability (CVE-2025-2687) has been discovered in PHPGurukul eLearning System 1.0, affecting its Image Handler component....

Critical Yii2 Framework Vulnerability (CVE-2025-2690): Remote Code Execution Risk

CVE News

Critical Yii2 Framework Vulnerability (CVE-2025-2690): Remote Code Execution Risk

A critical deserialization vulnerability (CVE-2025-2690) has been discovered in the Yii2 PHP framework, allowing remote code execution....

Posts pagination

Previous 1 … 6 7 8 9 10 Next

CVSS

Critical LFI Vulnerability in Kubio AI Page Builder for WordPress (CVE-2025-2294)

March 2025 Threat Intelligence Update: YARA, Snort Rules, and Emerging Ransomware Threats

Critical Zero-Day Exploit in Palo Alto GlobalProtect Firewalls (CVE-2024-3400) Actively Exploited

Trojan.W97M.CVE202140444.A: Analyzing the Microsoft Office Exploit That Enables Remote Code Execution

Critical OpenSSH Vulnerabilities CVE-2024-6387 and CVE-2024-6409: Analysis and Mitigation Strategies

Critical Kubernetes Ingress-Nginx Vulnerability Exposes Clusters to RCE and Secret Theft (CVE-2025-1097)

Critical Kubernetes Ingress-Nginx Vulnerability (CVE-2025-1098) Exposes Clusters to RCE and Secret Theft

Critical Kubernetes Ingress-Nginx Vulnerability (CVE-2025-1974) Exposes Clusters to Remote Code Execution

Critical Kubernetes Ingress-Nginx Vulnerability (CVE-2025-24514) Exposes Clusters to RCE & Secret Theft

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2726) Puts Networks at Risk

Critical Command Injection Vulnerability in H3C Magic NX30 Pro Routers (CVE-2025-2727)

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2729): What Security Teams Need to Know

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2732): What Security Teams Need to Know

ModTracer: Open-Source Tool Detects Hidden Linux Kernel Rootkits

RomCom APT Exploits Firefox and Windows Zero-Days in Stealthy Cyberattacks

CVE-2024-7344: Critical UEFI Secure Boot Bypass Vulnerability Exposed

Critical Authentication Bypass in Kentico Xperience CMS (CVE-2025-2747)

CVE-2025-2683: Critical SQL Injection in PHPGurukul Bank Locker Management System

Critical Unrestricted File Upload Vulnerability in PHPGurukul eLearning System (CVE-2025-2687)

Critical Yii2 Framework Vulnerability (CVE-2025-2690): Remote Code Execution Risk

You may have missed

Russia’s Throttling of Cloudflare: Technical Impact and Security Implications

Livestreamed Child Exploitation: Technical and Legal Implications of a Disturbing Case

UNFI Cyberattack: Supply Chain Disruption and Recovery Analysis

Hawaiian Airlines Cyberattack: IT Systems Compromised, Flight Operations Unaffected