After a period of inactivity, the Chinese cyber espionage group FamousSparrow has reemerged with upgraded tools and...
RCE
The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with CVE-2025-2783,...
A critical vulnerability (CVE-2025-2249) in the WordPress SoJ SoundSlides plugin allows authenticated attackers with Contributor-level access or...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing...
Meta Warns of Actively Exploited FreeType Vulnerability (CVE-2025-27363) with High-Severity RCE Risk
Meta Warns of Actively Exploited FreeType Vulnerability (CVE-2025-27363) with High-Severity RCE Risk
Meta has issued a warning about an actively exploited vulnerability in the FreeType font rendering library, tracked...
A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-28138, has been identified in TOTOLINK A800R routers...
A newly disclosed path traversal vulnerability (CVE-2024-54291) in Apache’s NotFound PluginPass has been rated with a high...
A newly discovered SQL injection vulnerability in the widely used GLPI IT Service Management (ITSM) tool poses...
Mozilla has released emergency updates to patch a critical sandbox escape vulnerability (CVE-2025-2857) in Firefox for Windows,...
The fourth week of March 2025 has brought significant developments in mobile security and malware, with critical...
A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-26873, has been disclosed in the Shinetheme Traveler...
A critical vulnerability (CVE-2025-24383) has been identified in Dell Unity operating environments, allowing unauthenticated attackers to execute...
A critical vulnerability (CVE-2025-2294) has been identified in the Kubio AI Page Builder plugin for WordPress, affecting...
Security teams worldwide must stay updated on the latest detection rules and emerging threats to defend against...
Critical Microsoft Exchange Vulnerability Exploited in Phishing Campaigns Targeting Russian Entities
Critical Microsoft Exchange Vulnerability Exploited in Phishing Campaigns Targeting Russian Entities
Security researchers have identified active exploitation of a high-severity Microsoft Exchange vulnerability (CVE-2023-XXXX) in targeted phishing campaigns...
A severe remote code execution (RCE) vulnerability has been identified in the Ingress NGINX Controller, allowing attackers...
AhnLab’s Threat Intelligence Platform has released 19 new Snort rules addressing critical vulnerabilities including PostgreSQL SQL injection...
Security teams worldwide are grappling with widespread exploitation of Ivanti Connect Secure VPN appliances, as researchers uncover...
Recent forensic investigations by Volexity have uncovered a sophisticated attack campaign exploiting two chained zero-day vulnerabilities in...
A critical zero-day vulnerability (CVE-2024-3400) in Palo Alto Networks’ PAN-OS firewalls has been actively exploited since at...
