A critical security flaw in NetApp SnapCenter, tracked as CVE-2025-26512, could allow authenticated users to escalate privileges...
Vulnerability Management
Cybersecurity researchers have uncovered a campaign involving hijacked npm packages, some over nine years old, that were...
A high-severity vulnerability (CVE-2025-26733) has been identified in the Shinetheme Traveler WordPress theme, affecting versions up to...
A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-26873, has been disclosed in the Shinetheme Traveler...
A critical SQL injection vulnerability (CVE-2025-26898) has been identified in the Shinetheme Traveler WordPress theme, affecting versions...
A high-severity vulnerability (CVE-2025-30232) has been identified in Exim mail servers, affecting versions 4.96 through 4.98.1. The...
A high-severity open redirect vulnerability (CVE-2025-24381) has been identified in Dell Unity storage systems running versions 5.4...
A critical vulnerability (CVE-2025-2294) has been identified in the Kubio AI Page Builder plugin for WordPress, affecting...
Defense contractor MORSECORP Inc. has agreed to pay $4.6 million to resolve allegations of cybersecurity fraud involving...
AhnLab’s Threat Intelligence Platform has released 19 new Snort rules addressing critical vulnerabilities including PostgreSQL SQL injection...
Recent forensic investigations by Volexity have uncovered a sophisticated attack campaign exploiting two chained zero-day vulnerabilities in...
Active Directory Discretionary Access Control Lists (DACLs) serve as a fundamental security mechanism governing access to directory...
Misconfigured WriteOwner permissions in Active Directory can enable attackers to take ownership of critical objects, bypass security...
Active Directory (AD) credential dumping remains a significant threat, with attackers increasingly exploiting overlooked attributes like user...
A Shadow Credentials attack is an advanced exploitation technique targeting Active Directory Certificate Services (AD CS), enabling...
A newly identified Mirai botnet variant (IoT.Linux.MIRAI.VWISI) has begun exploiting CVE-2020-10173, a command injection vulnerability in Comtrend...
The Trojan.Win64.HAFNIUM.A malware represents a sophisticated threat targeting Microsoft Exchange servers, initially attributed to the Chinese state-sponsored...
The Trojan.Win32.CVE20188120.E malware represents a persistent threat leveraging CVE-2018-8120, a privilege escalation vulnerability in Windows systems. This...
The ransomware strain Ransom.Win32.BLACKMATTER.THGOCBA presents a moderate-risk threat with significant operational impact potential, primarily targeting Windows environments....
Two significant vulnerabilities in Microsoft Azure Private 5G Core (AP5GC) have been identified and patched, according to...
