High Risk

Critical Authentication Bypass and RCE Vulnerabilities in HPE StoreOnce Software

CVE News

Critical Authentication Bypass and RCE Vulnerabilities in HPE StoreOnce Software

Hewlett Packard Enterprise (HPE) has issued an urgent security bulletin warning of eight vulnerabilities in its StoreOnce...

Mozilla’s New Defense Against Cryptocurrency-Draining Firefox Extensions

News

Mozilla’s New Defense Against Cryptocurrency-Draining Firefox Extensions

Mozilla has introduced a new security mechanism designed to detect and block malicious Firefox extensions that target...

Google Chrome to Remove Trust in Chunghwa Telecom and NetLock Certificates: Technical Impact and Mitigation

News

Google Chrome to Remove Trust in Chunghwa Telecom and NetLock Certificates: Technical Impact and Mitigation

Starting August 1, 2025, Google Chrome will no longer trust TLS certificates issued by Chunghwa Telecom (Taiwan)...

Qualcomm Patches Actively Exploited Adreno GPU Zero-Day Vulnerabilities

CVE News

Qualcomm Patches Actively Exploited Adreno GPU Zero-Day Vulnerabilities

Qualcomm has addressed three critical zero-day vulnerabilities in its Adreno Graphics Processing Unit (GPU) driver that were...

Public Exploit Details Emerge for Critical Cisco IOS XE Vulnerability (CVE-2025-20188)

CVE News

Public Exploit Details Emerge for Critical Cisco IOS XE Vulnerability (CVE-2025-20188)

Technical details surrounding CVE-2025-20188, a maximum-severity arbitrary file upload vulnerability affecting Cisco IOS XE Wireless LAN Controller...

ASUS Router Botnet “AyySSHush” Deploys Persistent SSH Backdoors: Technical Analysis

Threat Intelligence

ASUS Router Botnet “AyySSHush” Deploys Persistent SSH Backdoors: Technical Analysis

Over 9,000 ASUS routers have been compromised by the “AyySSHush” botnet, which installs persistent SSH backdoors to...

Prioritizing Exploitable Vulnerabilities: Cutting Through the Noise of CVSS Scores

Blue-Team

Prioritizing Exploitable Vulnerabilities: Cutting Through the Noise of CVSS Scores

Security teams are inundated with vulnerability alerts daily, but not every “critical” CVE warrants an emergency response....

Emergency Update Resolves Hyper-V VM Freezes on Windows Server 2022

News

Emergency Update Resolves Hyper-V VM Freezes on Windows Server 2022

Microsoft has released an out-of-band (OOB) update to address a critical issue causing Hyper-V virtual machines (VMs)...

Critical Unpatched Vulnerabilities in Versa Concerto Expose Systems to Auth Bypass and RCE

CVE News

Critical Unpatched Vulnerabilities in Versa Concerto Expose Systems to Auth Bypass and RCE

Multiple critical vulnerabilities in Versa Networks’ Concerto platform remain unpatched, exposing enterprise networks to authentication bypass and...

Critical SAMLify SSO Vulnerability Enables Admin Impersonation via Signature Wrapping

CVE News

Critical SAMLify SSO Vulnerability Enables Admin Impersonation via Signature Wrapping

A critical authentication bypass vulnerability (CVE-2025-47949) in the Node.js SAML library samlify allows attackers to forge admin-level...

Critical Privilege Escalation Vulnerability in WordPress Motors Theme (CVE-2025-4322)

CVE News

Critical Privilege Escalation Vulnerability in WordPress Motors Theme (CVE-2025-4322)

A critical privilege escalation vulnerability (CVE-2025-4322) has been identified in the premium WordPress Motors theme, allowing unauthenticated...

O2 UK VoLTE/WiFi Calling Flaw Exposes User Location via Call Metadata

CVE News

O2 UK VoLTE/WiFi Calling Flaw Exposes User Location via Call Metadata

A recently discovered vulnerability in O2 UK’s implementation of Voice over LTE (VoLTE) and WiFi Calling technologies...

Microsoft Resolves Linux Boot Issues Caused by August 2024 Windows Security Updates

CVE News

Microsoft Resolves Linux Boot Issues Caused by August 2024 Windows Security Updates

Microsoft has addressed a critical issue affecting dual-boot systems where Linux distributions failed to boot after installing...

Ivanti EPMM Zero-Days Exploited in Chained Remote Code Execution Attacks

CVE News

Ivanti EPMM Zero-Days Exploited in Chained Remote Code Execution Attacks

Ivanti has issued an urgent patch advisory for two zero-day vulnerabilities (CVE-2025-4427 and CVE-2025-4428) affecting its Endpoint...

Microsoft May 2025 Patch Tuesday: 5 Exploited Zero-Days and 72 Flaws Addressed

CVE News

Microsoft May 2025 Patch Tuesday: 5 Exploited Zero-Days and 72 Flaws Addressed

Microsoft’s May 2025 Patch Tuesday has delivered critical security updates addressing 72 vulnerabilities, including five zero-days actively...

Windows 11 KB5058411 and KB5058405 Updates: Security Fixes and Known Issues

CVE News

Windows 11 KB5058411 and KB5058405 Updates: Security Fixes and Known Issues

Microsoft has released cumulative updates KB5058411 and KB5058405 for Windows 11 versions 24H2 and 23H2, addressing security...

Fortinet Patches Critical Zero-Day Exploit in FortiVoice Enterprise Systems

CVE News

Fortinet Patches Critical Zero-Day Exploit in FortiVoice Enterprise Systems

Fortinet has released urgent security updates to address a critical remote code execution (RCE) vulnerability actively exploited...

Ivanti Neurons for ITSM Critical Authentication Bypass: Patch Now to Mitigate Exploitable Flaws

CVE News

Ivanti Neurons for ITSM Critical Authentication Bypass: Patch Now to Mitigate Exploitable Flaws

Ivanti has issued urgent security updates for its Neurons for ITSM IT service management solution, addressing a...

Intel CPU Vulnerabilities: Analyzing the Latest Branch Privilege Injection Flaw

CVE News

Intel CPU Vulnerabilities: Analyzing the Latest Branch Privilege Injection Flaw

A newly discovered vulnerability in Intel CPUs, dubbed “Branch Privilege Injection,” allows attackers to extract sensitive data...

Browser Extension Security Risks: Enterprise Threats and Mitigation Strategies (2025 Report)

Blue-Team

Browser Extension Security Risks: Enterprise Threats and Mitigation Strategies (2025 Report)

A recent report by LayerX reveals that 99% of enterprise users rely on browser extensions, yet over...

Posts pagination

Previous 1 2 3 4 5 6 7 … 15 Next

High Risk

Critical Authentication Bypass and RCE Vulnerabilities in HPE StoreOnce Software

Mozilla’s New Defense Against Cryptocurrency-Draining Firefox Extensions

Google Chrome to Remove Trust in Chunghwa Telecom and NetLock Certificates: Technical Impact and Mitigation

Qualcomm Patches Actively Exploited Adreno GPU Zero-Day Vulnerabilities

Public Exploit Details Emerge for Critical Cisco IOS XE Vulnerability (CVE-2025-20188)

ASUS Router Botnet “AyySSHush” Deploys Persistent SSH Backdoors: Technical Analysis

Prioritizing Exploitable Vulnerabilities: Cutting Through the Noise of CVSS Scores

Critical Unpatched Vulnerabilities in Versa Concerto Expose Systems to Auth Bypass and RCE

Critical SAMLify SSO Vulnerability Enables Admin Impersonation via Signature Wrapping

Critical Privilege Escalation Vulnerability in WordPress Motors Theme (CVE-2025-4322)

O2 UK VoLTE/WiFi Calling Flaw Exposes User Location via Call Metadata

Microsoft Resolves Linux Boot Issues Caused by August 2024 Windows Security Updates

Ivanti EPMM Zero-Days Exploited in Chained Remote Code Execution Attacks

Microsoft May 2025 Patch Tuesday: 5 Exploited Zero-Days and 72 Flaws Addressed

Windows 11 KB5058411 and KB5058405 Updates: Security Fixes and Known Issues

Fortinet Patches Critical Zero-Day Exploit in FortiVoice Enterprise Systems

Ivanti Neurons for ITSM Critical Authentication Bypass: Patch Now to Mitigate Exploitable Flaws

Intel CPU Vulnerabilities: Analyzing the Latest Branch Privilege Injection Flaw

Browser Extension Security Risks: Enterprise Threats and Mitigation Strategies (2025 Report)

You may have missed

Adobe Analytics Data Leak: Architectural Failure Exposes Cross-Tenant Data

Snapchat’s Shift to Paid Storage: A Technical Analysis of Cloud Service Monetization

Google’s Developer Registration Policy Threatens F-Droid’s Existence

Google Drive for Desktop Deploys AI-Powered Ransomware Detection and Recovery