Technical details surrounding CVE-2025-20188, a maximum-severity arbitrary file upload vulnerability affecting Cisco IOS XE Wireless LAN Controller...
RCE
ConnectWise, a leading IT management software provider, confirmed a cyberattack targeting its ScreenConnect remote access tool in...
A newly discovered botnet named **PumaBot** is actively targeting Linux-based IoT devices by brute-forcing SSH credentials to...
Over 9,000 ASUS routers have been compromised by the “AyySSHush” botnet, which installs persistent SSH backdoors to...
The DragonForce ransomware group has compromised over 120 managed service providers (MSPs) by exploiting vulnerabilities in SimpleHelp’s...
Multiple critical vulnerabilities in Versa Networks’ Concerto platform remain unpatched, exposing enterprise networks to authentication bypass and...
Ivanti has issued an urgent patch advisory for two zero-day vulnerabilities (CVE-2025-4427 and CVE-2025-4428) affecting its Endpoint...
Microsoft’s May 2025 Patch Tuesday has delivered critical security updates addressing 72 vulnerabilities, including five zero-days actively...
Fortinet has released urgent security updates to address a critical remote code execution (RCE) vulnerability actively exploited...
Ivanti has issued urgent security updates for its Neurons for ITSM IT service management solution, addressing a...
A newly discovered vulnerability in Intel CPUs, dubbed “Branch Privilege Injection,” allows attackers to extract sensitive data...
A recent security disclosure highlights how a seemingly robust frontend regex filter in a username field was...
Mozilla has addressed multiple high-severity vulnerabilities in Firefox and Thunderbird, specifically affecting versions below 138 and 128.10....
Google has addressed 46 security flaws in its May 2025 Android security updates, including a high-severity vulnerability...
A critical zero-click vulnerability in Microsoft’s Telnet Client (telnet.exe) has been identified, allowing attackers to steal Windows...
A critical pre-authentication denial-of-service (DoS) vulnerability in Microsoft’s Windows Deployment Services (WDS) allows attackers to crash systems...
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding an actively exploited remote...
A high-severity vulnerability (CVE-2025-4279) has been identified in the WordPress External Image Replace plugin, enabling authenticated attackers...
A critical command injection vulnerability (CVE-2025-45042) has been identified in Tenda AC9 routers running firmware version 15.03.05.14,...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has escalated the urgency around a critical vulnerability in...
