High Risk

ASUS DSL Router Critical Authentication Bypass: CVE-2025-59367 Analysis and Mitigation

CVE News

ASUS DSL Router Critical Authentication Bypass: CVE-2025-59367 Analysis and Mitigation

ASUS has issued a security advisory concerning a critical authentication bypass vulnerability, tracked as CVE-2025-59367, affecting several...

UK Cyber Security and Resilience Bill Introduces Stricter Rules for Critical Infrastructure

Cyber Laws & Regulations

UK Cyber Security and Resilience Bill Introduces Stricter Rules for Critical Infrastructure

The United Kingdom has introduced new legislation to boost cybersecurity defenses for hospitals, energy systems, water supplies,...

Triofox Antivirus Feature Abused for SYSTEM-Level Code Execution

CVE News

Triofox Antivirus Feature Abused for SYSTEM-Level Code Execution

A critical vulnerability in Gladinet’s Triofox file-sharing platform has been actively exploited by threat actors to bypass...

SAP November 2025 Patch Day: Critical Hardcoded Credentials and Code Injection Flaws Addressed

CVE News

SAP November 2025 Patch Day: Critical Hardcoded Credentials and Code Injection Flaws Addressed

SAP has released its November 2025 security updates, a critical patch batch addressing 18 new security notes...

NAKIVO v11.1 Enhances Disaster Recovery with Real-Time Replication and MSP Security

Blue-Team

NAKIVO v11.1 Enhances Disaster Recovery with Real-Time Replication and MSP Security

NAKIVO Inc. has launched Backup & Replication v11.1, a substantial update that significantly expands the platform’s disaster...

Critical Authentication Bypass in Service Finder WordPress Theme Actively Exploited

CVE News

Critical Authentication Bypass in Service Finder WordPress Theme Actively Exploited

A critical security vulnerability in the Service Finder WordPress theme and its accompanying Bookings plugin is being...

Docker’s Hardened Images: A Security-First Approach to Container Supply Chain

Blue-Team

Docker’s Hardened Images: A Security-First Approach to Container Supply Chain

Docker has fundamentally changed its approach to container security by making its Hardened Images catalog available through...

Redis Critical RCE Vulnerability Puts Thousands of Instances at Risk

CVE News

Redis Critical RCE Vulnerability Puts Thousands of Instances at Risk

The Redis security team has issued patches for a critical, maximum-severity vulnerability that enables authenticated attackers to...

Critical Unity Engine Vulnerability CVE-2025-59489: Technical Analysis and Industry Response

CVE News

Critical Unity Engine Vulnerability CVE-2025-59489: Technical Analysis and Industry Response

A significant security vulnerability, tracked as CVE-2025-59489, has been identified within the Unity game engine, posing a...

Supermicro BMC Vulnerabilities Expose Persistent Backdoor Risks in Server Firmware

CVE News

Supermicro BMC Vulnerabilities Expose Persistent Backdoor Risks in Server Firmware

Security researchers have identified new vulnerabilities in Supermicro’s Baseboard Management Controller (BMC) firmware that allow attackers to...

Microsoft Exchange Online Outage: Analysis of North American Service Disruption and Historical Context

Blue-Team

Microsoft Exchange Online Outage: Analysis of North American Service Disruption and Historical Context

Microsoft is currently addressing a significant service disruption affecting its Exchange Online email platform for customers across...

The Buyer’s Guide to Browser Extension Management: Mitigating a Pervasive Enterprise Risk

Blue-Team

The Buyer’s Guide to Browser Extension Management: Mitigating a Pervasive Enterprise Risk

Browser extensions are indispensable for modern workflows, boosting productivity by customizing the browsing experience. However, this convenience...

Czech Cyber Agency Issues High-Risk Warning on Chinese Technology and Data Transfers

APT-News

Czech Cyber Agency Issues High-Risk Warning on Chinese Technology and Data Transfers

The National Cyber and Information Security Agency of the Czech Republic (NÚKIB) has formally instructed organizations within...

TP-Link Router Zero-Day and Active Exploitation Campaigns Prompt Urgent CISA Response

CVE News

TP-Link Router Zero-Day and Active Exploitation Campaigns Prompt Urgent CISA Response

TP-Link has confirmed the existence of an unpatched zero-day vulnerability impacting multiple router models, as the U.S....

Windows Update Issues: UAC Prompts, System Recovery Failures, and Contested SSD Impacts

Blue-Team

Windows Update Issues: UAC Prompts, System Recovery Failures, and Contested SSD Impacts

Microsoft has confirmed that recent security updates, specifically the August 2025 patches, are causing significant system disruptions...

Google Issues Workarounds for ChromeOS Authentication Failures in Enterprise Environments

Blue-Team

Google Issues Workarounds for ChromeOS Authentication Failures in Enterprise Environments

Google is currently addressing authentication failures that prevent users from signing into their Clever and ClassLink accounts...

Passwordstate Authentication Bypass: A History of High-Severity Flaws and Hardening

CVE News

Passwordstate Authentication Bypass: A History of High-Severity Flaws and Hardening

Click Studios, the developer of the Passwordstate enterprise password manager, has issued an urgent warning to its...

Shadow IT: Quantifying the Unseen Attack Surface Expansion

Blue-Team

Shadow IT: Quantifying the Unseen Attack Surface Expansion

The pervasive use of unauthorized hardware, software, and cloud services, collectively known as Shadow IT, presents a...

CISA Warns of Actively Exploited Git Code Execution Flaw in KEV Catalog

CVE News

CISA Warns of Actively Exploited Git Code Execution Flaw in KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in the Git distributed...

Critical Docker Desktop Vulnerability CVE-2025-9074 Enables Host Takeover

CVE News

Critical Docker Desktop Vulnerability CVE-2025-9074 Enables Host Takeover

A critical vulnerability in Docker Desktop for Windows and macOS, designated CVE-2025-9074, has been patched after it...

Posts pagination

1 2 3 4 … 15 Next

High Risk

ASUS DSL Router Critical Authentication Bypass: CVE-2025-59367 Analysis and Mitigation

UK Cyber Security and Resilience Bill Introduces Stricter Rules for Critical Infrastructure

Triofox Antivirus Feature Abused for SYSTEM-Level Code Execution

SAP November 2025 Patch Day: Critical Hardcoded Credentials and Code Injection Flaws Addressed

Critical Authentication Bypass in Service Finder WordPress Theme Actively Exploited

Redis Critical RCE Vulnerability Puts Thousands of Instances at Risk

Critical Unity Engine Vulnerability CVE-2025-59489: Technical Analysis and Industry Response

Supermicro BMC Vulnerabilities Expose Persistent Backdoor Risks in Server Firmware

The Buyer’s Guide to Browser Extension Management: Mitigating a Pervasive Enterprise Risk

Czech Cyber Agency Issues High-Risk Warning on Chinese Technology and Data Transfers

TP-Link Router Zero-Day and Active Exploitation Campaigns Prompt Urgent CISA Response

Windows Update Issues: UAC Prompts, System Recovery Failures, and Contested SSD Impacts

Passwordstate Authentication Bypass: A History of High-Severity Flaws and Hardening

CISA Warns of Actively Exploited Git Code Execution Flaw in KEV Catalog

Critical Docker Desktop Vulnerability CVE-2025-9074 Enables Host Takeover

You may have missed

ClickFix Malware Campaigns Resurrect Decades-Old Finger Protocol for Command Retrieval

North Korean IT Worker Scheme: A Technical Analysis of Infiltration and Fraud

Digital Passport Integration in Mobile Wallets: A Security Analysis

U.S. Launches Scam Center Strike Force to Combat $10 Billion Crypto Fraud Networks