RCE

Soffid Console Java Deserialization Vulnerability (CVE-2025-32408): Technical Analysis and Mitigation

CVE News

Soffid Console Java Deserialization Vulnerability (CVE-2025-32408): Technical Analysis and Mitigation

A newly disclosed vulnerability in Soffid Console (CVE-2025-32408) exposes systems to remote code execution through insecure Java...

CVE-2025-42599: Critical Stack-Based Buffer Overflow in Active! Mail Threatens Remote Code Execution

CVE News

CVE-2025-42599: Critical Stack-Based Buffer Overflow in Active! Mail Threatens Remote Code Execution

A critical vulnerability (CVE-2025-42599) has been identified in Active! Mail 6, exposing systems to remote code execution...

Tenda AC15 Router Vulnerability (CVE-2025-3786): Remote Buffer Overflow Exploit Analysis

CVE News

Tenda AC15 Router Vulnerability (CVE-2025-3786): Remote Buffer Overflow Exploit Analysis

A critical buffer overflow vulnerability (CVE-2025-3786) has been identified in Tenda AC15 routers, affecting firmware versions up...

CVE-2025-1093: Critical RCE Vulnerability in WordPress AIHub Theme

CVE News

CVE-2025-1093: Critical RCE Vulnerability in WordPress AIHub Theme

A critical vulnerability (CVE-2025-1093) has been identified in the AIHub WordPress theme, allowing unauthenticated attackers to upload...

Cisco Webex Vulnerability (CVE-2025-20236) Enables Remote Code Execution via Malicious Links

CVE News

Cisco Webex Vulnerability (CVE-2025-20236) Enables Remote Code Execution via Malicious Links

Cisco has issued patches for a high-severity vulnerability (CVE-2025-20236) in its Webex software that allows unauthenticated attackers...

SonicWall SMA VPN Exploitation: Active Attacks Since January 2025

CVE News

SonicWall SMA VPN Exploitation: Active Attacks Since January 2025

Cybersecurity firm Arctic Wolf has confirmed that a remote code execution (RCE) vulnerability in SonicWall Secure Mobile...

Critical Erlang/OTP SSH Vulnerability (CVE-2025-32433): Exploits Publicly Available, Patch Urgently

CVE News

Critical Erlang/OTP SSH Vulnerability (CVE-2025-32433): Exploits Publicly Available, Patch Urgently

A critical remote code execution (RCE) vulnerability in Erlang/OTP’s SSH implementation (CVE-2025-32433) now has publicly available exploits,...

Ivanti Connect Secure Zero-Day Exploited by China-Linked APT Since Mid-March 2025

CVE News

Ivanti Connect Secure Zero-Day Exploited by China-Linked APT Since Mid-March 2025

Ivanti has released critical patches for two zero-day vulnerabilities (CVE-2025-22457 and CVE-2025-0282) in its Connect Secure (ICS),...

iPhone Security Alert: Banking Malware and Zero-Day Exploits Threaten Users

Threat Intelligence

iPhone Security Alert: Banking Malware and Zero-Day Exploits Threaten Users

A new wave of cyber threats targeting iPhone users has prompted urgent warnings from security experts. Malicious...

Smart TV Security Alert: 1.6 Million Devices at Risk from Firmware Exploits

News

Smart TV Security Alert: 1.6 Million Devices at Risk from Firmware Exploits

A new wave of attacks targeting smart TVs and streaming boxes has put approximately 1.6 million devices...

China’s Deep-Sea Electromagnetic Device: Assessing the Threat to Undersea Infrastructure

Threat Intelligence

China’s Deep-Sea Electromagnetic Device: Assessing the Threat to Undersea Infrastructure

Recent reports of a Chinese deep-sea electromagnetic device capable of disrupting global communications and energy networks have...

ROS dynparam YAML Deserialization Vulnerability (CVE-2024-39780) Analysis and Mitigation

CVE News

ROS dynparam YAML Deserialization Vulnerability (CVE-2024-39780) Analysis and Mitigation

A critical vulnerability (CVE-2024-39780) has been identified in the Robot Operating System (ROS) dynparam tool, allowing arbitrary...

WpTravelly Plugin Vulnerability Exposes WordPress Sites to Object Injection Attacks

CVE News

WpTravelly Plugin Vulnerability Exposes WordPress Sites to Object Injection Attacks

A high-severity vulnerability (CVE-2025-30892) has been identified in the Magepeople WpTravelly WordPress plugin, exposing websites to potential...

Critical Object Injection Vulnerability in Sabuj Kundu CBX Poll Plugin (CVE-2025-31612)

CVE News

Critical Object Injection Vulnerability in Sabuj Kundu CBX Poll Plugin (CVE-2025-31612)

A critical security vulnerability has been identified in the Sabuj Kundu CBX Poll WordPress plugin, tracked as...

FamousSparrow APT Resurfaces with Upgraded Cyber Espionage Campaign Targeting Americas

APT-News

FamousSparrow APT Resurfaces with Upgraded Cyber Espionage Campaign Targeting Americas

After a period of inactivity, the Chinese cyber espionage group FamousSparrow has reemerged with upgraded tools and...

CISA Updates Known Exploited Vulnerabilities Catalog with Critical Chromium Sandbox Escape

CVE News

CISA Updates Known Exploited Vulnerabilities Catalog with Critical Chromium Sandbox Escape

The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with CVE-2025-2783,...

CVE-2025-2249: WordPress SoJ SoundSlides Plugin Vulnerability Exposes Sites to Arbitrary File Uploads

CVE News

CVE-2025-2249: WordPress SoJ SoundSlides Plugin Vulnerability Exposes Sites to Arbitrary File Uploads

A critical vulnerability (CVE-2025-2249) in the WordPress SoJ SoundSlides plugin allows authenticated attackers with Contributor-level access or...

Medusa Ransomware Targets Critical Infrastructure: Technical Analysis and Mitigation

Threat Intelligence

Medusa Ransomware Targets Critical Infrastructure: Technical Analysis and Mitigation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing...

Meta Warns of Actively Exploited FreeType Vulnerability (CVE-2025-27363) with High-Severity RCE Risk

CVE News

Meta Warns of Actively Exploited FreeType Vulnerability (CVE-2025-27363) with High-Severity RCE Risk

Meta has issued a warning about an actively exploited vulnerability in the FreeType font rendering library, tracked...

Critical RCE Vulnerability in TOTOLINK A800R Routers (CVE-2025-28138)

CVE News

Critical RCE Vulnerability in TOTOLINK A800R Routers (CVE-2025-28138)

A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-28138, has been identified in TOTOLINK A800R routers...

Posts pagination

Previous 1 2 3 4 5 6 7 8 Next

RCE

Soffid Console Java Deserialization Vulnerability (CVE-2025-32408): Technical Analysis and Mitigation

CVE-2025-42599: Critical Stack-Based Buffer Overflow in Active! Mail Threatens Remote Code Execution

Tenda AC15 Router Vulnerability (CVE-2025-3786): Remote Buffer Overflow Exploit Analysis

CVE-2025-1093: Critical RCE Vulnerability in WordPress AIHub Theme

Cisco Webex Vulnerability (CVE-2025-20236) Enables Remote Code Execution via Malicious Links

SonicWall SMA VPN Exploitation: Active Attacks Since January 2025

Critical Erlang/OTP SSH Vulnerability (CVE-2025-32433): Exploits Publicly Available, Patch Urgently

Ivanti Connect Secure Zero-Day Exploited by China-Linked APT Since Mid-March 2025

iPhone Security Alert: Banking Malware and Zero-Day Exploits Threaten Users

Smart TV Security Alert: 1.6 Million Devices at Risk from Firmware Exploits

China’s Deep-Sea Electromagnetic Device: Assessing the Threat to Undersea Infrastructure

ROS dynparam YAML Deserialization Vulnerability (CVE-2024-39780) Analysis and Mitigation

WpTravelly Plugin Vulnerability Exposes WordPress Sites to Object Injection Attacks

Critical Object Injection Vulnerability in Sabuj Kundu CBX Poll Plugin (CVE-2025-31612)

FamousSparrow APT Resurfaces with Upgraded Cyber Espionage Campaign Targeting Americas

CISA Updates Known Exploited Vulnerabilities Catalog with Critical Chromium Sandbox Escape

CVE-2025-2249: WordPress SoJ SoundSlides Plugin Vulnerability Exposes Sites to Arbitrary File Uploads

Medusa Ransomware Targets Critical Infrastructure: Technical Analysis and Mitigation

Meta Warns of Actively Exploited FreeType Vulnerability (CVE-2025-27363) with High-Severity RCE Risk

Critical RCE Vulnerability in TOTOLINK A800R Routers (CVE-2025-28138)

You may have missed

Tor Oniux: Kernel-Level Network Anonymization for Linux Applications

Google Chrome’s Security Update: Blocking Admin-Level Launches in Windows

Australian Human Rights Commission Data Breach: Technical Analysis and Impact

Microsoft Resolves Linux Boot Issues Caused by August 2024 Windows Security Updates