Vulnerability Disclosure

Oracle’s SaaS Breach Cover-Up Exposed: Evidence Contradicts Denials

Data Breach

Oracle’s SaaS Breach Cover-Up Exposed: Evidence Contradicts Denials

Oracle faces mounting scrutiny after cybersecurity researchers uncovered evidence of a breach in its SaaS infrastructure, contradicting...

Martin Lewis’ Mobile Security Alert: How to Retrieve and Secure Your IMEI

News

Martin Lewis’ Mobile Security Alert: How to Retrieve and Secure Your IMEI

Financial expert Martin Lewis has issued a security alert urging all mobile phone users to retrieve their...

Center Parcs’ X Account Mishap: A Case Study in Digital Hygiene Failures

News

Center Parcs’ X Account Mishap: A Case Study in Digital Hygiene Failures

When Center Parcs UK deactivated its X (formerly Twitter) account in January 2025, it inadvertently created a...

Oracle Health Data Breach: Legacy Server Compromise Exposes Patient Records

Data Breach

Oracle Health Data Breach: Legacy Server Compromise Exposes Patient Records

A recent breach at Oracle Health has exposed sensitive patient data across multiple US hospitals, raising concerns...

OpenAI Raises Bug Bounty Rewards to $100,000 for Critical Vulnerabilities

Bug Bounties & Responsible Disclosure

OpenAI Raises Bug Bounty Rewards to $100,000 for Critical Vulnerabilities

OpenAI has significantly increased its maximum bug bounty payout from $20,000 to $100,000 for critical security vulnerabilities...

Hijacked npm Packages Used to Steal API Keys via Obfuscated Scripts

Threat Intelligence

Hijacked npm Packages Used to Steal API Keys via Obfuscated Scripts

Cybersecurity researchers have uncovered a campaign involving hijacked npm packages, some over nine years old, that were...

Exim Use-After-Free Vulnerability (CVE-2025-30232) Poses Privilege Escalation Risk

CVE News

Exim Use-After-Free Vulnerability (CVE-2025-30232) Poses Privilege Escalation Risk

A high-severity vulnerability (CVE-2025-30232) has been identified in Exim mail servers, affecting versions 4.96 through 4.98.1. The...

Private Contact Details of Trump Administration Officials Exposed Online

Data Breach

Private Contact Details of Trump Administration Officials Exposed Online

Confidential contact information belonging to former Trump administration officials was reportedly discovered publicly accessible online, raising significant...

MORSECORP Inc. Settles $4.6 Million Cybersecurity Fraud Case with U.S. Government

Cyber Laws & Regulations

MORSECORP Inc. Settles $4.6 Million Cybersecurity Fraud Case with U.S. Government

Defense contractor MORSECORP Inc. has agreed to pay $4.6 million to resolve allegations of cybersecurity fraud involving...

Upcoming Book Talk Events for “Chasing Shadows” – March 2024

News

Upcoming Book Talk Events for “Chasing Shadows” – March 2024

Join us for an engaging series of book talks in March 2024 featuring discussions on Chasing Shadows,...

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2728) Puts Networks at Risk

CVE News

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2728) Puts Networks at Risk

A critical command injection vulnerability (CVE-2025-2728) affecting H3C Magic NX30 Pro and NX400 routers has been identified,...

Bug Bounty Programs: The Complete Guide to Vulnerability Hunting

Bug Bounties & Responsible Disclosure

Bug Bounty Programs: The Complete Guide to Vulnerability Hunting

Bug bounty programs have become a proven strategy for strengthening system security through collaboration with external researchers....

CVE-2025-2683: Critical SQL Injection in PHPGurukul Bank Locker Management System

CVE News

CVE-2025-2683: Critical SQL Injection in PHPGurukul Bank Locker Management System

Summary A critical SQL injection vulnerability (CVE-2025-2683) has been discovered in PHPGurukul’s Bank Locker Management System version...

Critical Microsoft Windows Vulnerabilities Patched: NCSC-2025-0078 Advisory

CVE News
Exploitation

Critical Microsoft Windows Vulnerabilities Patched: NCSC-2025-0078 Advisory

Microsoft has recently addressed a series of critical vulnerabilities in its Windows operating system, as highlighted in...

Adobe Acrobat Reader Vulnerabilities Patched: Critical Arbitrary Code Execution Flaws Addressed

Exploitation
Red-Team

Adobe Acrobat Reader Vulnerabilities Patched: Critical Arbitrary Code Execution Flaws Addressed

Adobe has recently addressed critical vulnerabilities in Adobe Acrobat Reader, as highlighted in the NCSC-2025-0084 advisory. These...

Autodesk AutoCAD Vulnerabilities Patched: Key Details and Remediation Steps

Exploitation
Threat Intelligence

Autodesk AutoCAD Vulnerabilities Patched: Key Details and Remediation Steps

Autodesk has recently addressed multiple vulnerabilities in its AutoCAD software, a critical tool used by architects, engineers,...

Synology Patches Critical Vulnerability in Replication Service and Unified Controller (NCSC-2025-0090)

Exploitation
Red-Team

Synology Patches Critical Vulnerability in Replication Service and Unified Controller (NCSC-2025-0090)

Synology has recently addressed a critical vulnerability in its Synology Replication Service and Synology Unified Controller, which...

Dealing with the SolarWinds Orion Compromise: Immediate Actions for Organizations

APT-News
Data Breach

Dealing with the SolarWinds Orion Compromise: Immediate Actions for Organizations

The SolarWinds Orion compromise, disclosed in December 2020, remains one of the most significant cybersecurity incidents in...

NCSC Warns of Cryptojacking: How Malicious Software is Exploiting Devices for Illicit Cryptocurrency Mining

Blue-Team
Exploitation

NCSC Warns of Cryptojacking: How Malicious Software is Exploiting Devices for Illicit Cryptocurrency Mining

The National Cyber Security Centre (NCSC) has issued a warning about the increasing use of malicious software...

CVE-2025-2691: High-Severity SSRF Vulnerability in Nossrf Package

Blue-Team
CVE News
Exploitation
Red-Team
Threat Intelligence

CVE-2025-2691: High-Severity SSRF Vulnerability in Nossrf Package

A critical Server-Side Request Forgery (SSRF) vulnerability (CVE-2025-2691) has been identified in the nossrf package, affecting versions...

Posts pagination

1 2 Next

Vulnerability Disclosure

Oracle’s SaaS Breach Cover-Up Exposed: Evidence Contradicts Denials

Martin Lewis’ Mobile Security Alert: How to Retrieve and Secure Your IMEI

Center Parcs’ X Account Mishap: A Case Study in Digital Hygiene Failures

Oracle Health Data Breach: Legacy Server Compromise Exposes Patient Records

OpenAI Raises Bug Bounty Rewards to $100,000 for Critical Vulnerabilities

Hijacked npm Packages Used to Steal API Keys via Obfuscated Scripts

Exim Use-After-Free Vulnerability (CVE-2025-30232) Poses Privilege Escalation Risk

Private Contact Details of Trump Administration Officials Exposed Online

MORSECORP Inc. Settles $4.6 Million Cybersecurity Fraud Case with U.S. Government

Upcoming Book Talk Events for “Chasing Shadows” – March 2024

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2728) Puts Networks at Risk

Bug Bounty Programs: The Complete Guide to Vulnerability Hunting

CVE-2025-2683: Critical SQL Injection in PHPGurukul Bank Locker Management System

Critical Microsoft Windows Vulnerabilities Patched: NCSC-2025-0078 Advisory

Adobe Acrobat Reader Vulnerabilities Patched: Critical Arbitrary Code Execution Flaws Addressed

Autodesk AutoCAD Vulnerabilities Patched: Key Details and Remediation Steps

Synology Patches Critical Vulnerability in Replication Service and Unified Controller (NCSC-2025-0090)

CVE-2025-2691: High-Severity SSRF Vulnerability in Nossrf Package

You may have missed

Hong Kong Data Breach: 128,000 Records Exposed Due to System Neglect and Outdated Infrastructure

Oracle’s SaaS Breach Cover-Up Exposed: Evidence Contradicts Denials

National Defense Corporation Ransomware Attack: Breach Disclosed, Ransom Refused

Lucid PhaaS Platform Targets iOS and Android Users via iMessage and RCS