Modern security teams face an overwhelming challenge: managing vulnerabilities across complex environments while balancing risk, compliance, and...
Vulnerability Management
Over 1,200 internet-exposed SAP NetWeaver instances are vulnerable to an actively exploited maximum severity unauthenticated file upload...
Offensive Security has issued a warning to Kali Linux users regarding potential update failures due to the...
SberTech, a Russian software developer under the Sber ecosystem, has expanded its public bug bounty program on...
Recent research by NSFOCUS Fuying Laboratory has uncovered 19 distinct Advanced Persistent Threat (APT) campaigns targeting organizations...
The Service for Supporting the Activities of the Financial Ombudsman (ANO “SODFU”), established by the Central Bank...
A sophisticated multi-stage carding attack has been identified targeting Magento eCommerce sites running outdated versions, particularly Magento...
Rapid7 has released its Exposure Assessment Platform (EAP) Buyer’s Guide, a resource designed to help organizations navigate...
A critical stack-based buffer overflow vulnerability (CVE-2025-4007) has been identified in Tenda W12 and i24 routers, affecting...
A critical vulnerability (CVE-2015-2079) in Usermin, a web-based administration tool, allows authenticated attackers to execute arbitrary code...
The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with three...
A newly disclosed vulnerability in Apple’s iOS operating system (CVE-2025-24091) allows malicious applications to trigger an irreversible...
Security researchers at Shelltrail have identified three critical vulnerabilities in the IXON VPN client that could allow...
A critical path traversal vulnerability (CVE-2025-26692) affecting SIOS Technology’s Quick Agent (V2 and V3) has been disclosed,...
A critical buffer overflow vulnerability (CVE-2025-3991) has been identified in TOTOLINK N150RT routers running firmware version 3.4.0-B20190525....
North Dakota has enacted significant regulatory changes with HB 1127, signed into law on April 11, 2025....
A high-severity remote code execution (RCE) vulnerability (CVE-2025-3642) has been identified in Moodle’s EQUELLA repository integration, posing...
A high-severity vulnerability (CVE-2025-3935) affecting ScreenConnect versions 25.2.3 and earlier has been disclosed, involving ASP.NET ViewState code...
A widespread phishing campaign targeting WooCommerce store owners has been identified, leveraging fabricated security vulnerability alerts to...
A high-severity Cross-Site Request Forgery (CSRF) vulnerability has been identified in Moodle’s Brickfield tool, tracked as CVE-2025-3638....
