Vulnerability Management

Kali Linux Update Failures: Manual Key Installation Required After Signing Key Loss

News

Kali Linux Update Failures: Manual Key Installation Required After Signing Key Loss

Offensive Security has issued a warning to Kali Linux users regarding potential update failures due to the...

SberTech Expands Bug Bounty Program on BI.ZONE Platform, Increases Rewards to 200K RUB

Bug Bounties & Responsible Disclosure

SberTech Expands Bug Bounty Program on BI.ZONE Platform, Increases Rewards to 200K RUB

SberTech, a Russian software developer under the Sber ecosystem, has expanded its public bug bounty program on...

19 APT Groups Exploit Vulnerabilities and Spear Phishing in Asia-Based Attacks

APT-News

19 APT Groups Exploit Vulnerabilities and Spear Phishing in Asia-Based Attacks

Recent research by NSFOCUS Fuying Laboratory has uncovered 19 distinct Advanced Persistent Threat (APT) campaigns targeting organizations...

Financial Ombudsman Service Implements MaxPatrol SIEM for Cybersecurity Monitoring

SIEM & Detection Engineering

Financial Ombudsman Service Implements MaxPatrol SIEM for Cybersecurity Monitoring

The Service for Supporting the Activities of the Financial Ombudsman (ANO “SODFU”), established by the Central Bank...

Analysis of Multi-Stage Carding Attack Targeting Outdated Magento Sites

Blue-Team

Analysis of Multi-Stage Carding Attack Targeting Outdated Magento Sites

A sophisticated multi-stage carding attack has been identified targeting Magento eCommerce sites running outdated versions, particularly Magento...

Rapid7’s Exposure Assessment Platform Buyer’s Guide: Key Features and Vendor Comparisons

News

Rapid7’s Exposure Assessment Platform Buyer’s Guide: Key Features and Vendor Comparisons

Rapid7 has released its Exposure Assessment Platform (EAP) Buyer’s Guide, a resource designed to help organizations navigate...

Tenda W12 and i24 HTTPd Stack-Based Buffer Overflow Vulnerability (CVE-2025-4007): Technical Analysis and Mitigation

CVE News

Tenda W12 and i24 HTTPd Stack-Based Buffer Overflow Vulnerability (CVE-2025-4007): Technical Analysis and Mitigation

A critical stack-based buffer overflow vulnerability (CVE-2025-4007) has been identified in Tenda W12 and i24 routers, affecting...

CVE-2015-2079: Critical Remote Code Execution Vulnerability in Usermin

CVE News

CVE-2015-2079: Critical Remote Code Execution Vulnerability in Usermin

A critical vulnerability (CVE-2015-2079) in Usermin, a web-based administration tool, allows authenticated attackers to execute arbitrary code...

CISA Expands Known Exploited Vulnerabilities Catalog with Three Critical Flaws

CVE News

CISA Expands Known Exploited Vulnerabilities Catalog with Three Critical Flaws

The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with three...

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

CVE News

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

A newly disclosed vulnerability in Apple’s iOS operating system (CVE-2025-24091) allows malicious applications to trigger an irreversible...

IXON VPN Client Vulnerabilities: Technical Analysis of Privilege Escalation Flaws

CVE News

IXON VPN Client Vulnerabilities: Technical Analysis of Privilege Escalation Flaws

Security researchers at Shelltrail have identified three critical vulnerabilities in the IXON VPN client that could allow...

Quick Agent Path Traversal Vulnerability (CVE-2025-26692): Analysis and Mitigation

CVE News

Quick Agent Path Traversal Vulnerability (CVE-2025-26692): Analysis and Mitigation

A critical path traversal vulnerability (CVE-2025-26692) affecting SIOS Technology’s Quick Agent (V2 and V3) has been disclosed,...

TOTOLINK N150RT Buffer Overflow Vulnerability (CVE-2025-3991): Analysis and Mitigation

CVE News

TOTOLINK N150RT Buffer Overflow Vulnerability (CVE-2025-3991): Analysis and Mitigation

A critical buffer overflow vulnerability (CVE-2025-3991) has been identified in TOTOLINK N150RT routers running firmware version 3.4.0-B20190525....

North Dakota’s New Data Security and Licensing Rules for Financial Brokers: Key Takeaways

Cyber Laws & Regulations

North Dakota’s New Data Security and Licensing Rules for Financial Brokers: Key Takeaways

North Dakota has enacted significant regulatory changes with HB 1127, signed into law on April 11, 2025....

Moodle EQUELLA Remote Code Execution Vulnerability (CVE-2025-3642): Analysis and Mitigation

CVE News

Moodle EQUELLA Remote Code Execution Vulnerability (CVE-2025-3642): Analysis and Mitigation

A high-severity remote code execution (RCE) vulnerability (CVE-2025-3642) has been identified in Moodle’s EQUELLA repository integration, posing...

ScreenConnect ASP.NET ViewState Code Injection Vulnerability (CVE-2025-3935): Analysis and Mitigation

CVE News

ScreenConnect ASP.NET ViewState Code Injection Vulnerability (CVE-2025-3935): Analysis and Mitigation

A high-severity vulnerability (CVE-2025-3935) affecting ScreenConnect versions 25.2.3 and earlier has been disclosed, involving ASP.NET ViewState code...

Sophisticated WooCommerce Phishing Campaign Exploits Fake Security Alerts

Blue-Team

Sophisticated WooCommerce Phishing Campaign Exploits Fake Security Alerts

A widespread phishing campaign targeting WooCommerce store owners has been identified, leveraging fabricated security vulnerability alerts to...

Moodle Brickfield Tool CSRF Vulnerability (CVE-2025-3638): Analysis and Mitigation

CVE News

Moodle Brickfield Tool CSRF Vulnerability (CVE-2025-3638): Analysis and Mitigation

A high-severity Cross-Site Request Forgery (CSRF) vulnerability has been identified in Moodle’s Brickfield tool, tracked as CVE-2025-3638....

Tenable Vulnerability Watch: A New Approach to Prioritizing and Reducing Remediation Times

Threat Intelligence

Tenable Vulnerability Watch: A New Approach to Prioritizing and Reducing Remediation Times

Organizations continue to face significant challenges in reducing vulnerability remediation times, with many struggling to prioritize exposures...

Virgin Media’s Mandatory Router Upgrade: Security Implications and Hidden Costs

News

Virgin Media’s Mandatory Router Upgrade: Security Implications and Hidden Costs

Virgin Media is rolling out free router upgrades to customers using older Hub models (Hub 1-3) to...

Posts pagination

Previous 1 2 3 4 5 6 7 8 … 12 Next

Vulnerability Management

Kali Linux Update Failures: Manual Key Installation Required After Signing Key Loss

SberTech Expands Bug Bounty Program on BI.ZONE Platform, Increases Rewards to 200K RUB

19 APT Groups Exploit Vulnerabilities and Spear Phishing in Asia-Based Attacks

Financial Ombudsman Service Implements MaxPatrol SIEM for Cybersecurity Monitoring

Analysis of Multi-Stage Carding Attack Targeting Outdated Magento Sites

Rapid7’s Exposure Assessment Platform Buyer’s Guide: Key Features and Vendor Comparisons

Tenda W12 and i24 HTTPd Stack-Based Buffer Overflow Vulnerability (CVE-2025-4007): Technical Analysis and Mitigation

CVE-2015-2079: Critical Remote Code Execution Vulnerability in Usermin

CISA Expands Known Exploited Vulnerabilities Catalog with Three Critical Flaws

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

IXON VPN Client Vulnerabilities: Technical Analysis of Privilege Escalation Flaws

Quick Agent Path Traversal Vulnerability (CVE-2025-26692): Analysis and Mitigation

TOTOLINK N150RT Buffer Overflow Vulnerability (CVE-2025-3991): Analysis and Mitigation

North Dakota’s New Data Security and Licensing Rules for Financial Brokers: Key Takeaways

Moodle EQUELLA Remote Code Execution Vulnerability (CVE-2025-3642): Analysis and Mitigation

ScreenConnect ASP.NET ViewState Code Injection Vulnerability (CVE-2025-3935): Analysis and Mitigation

Sophisticated WooCommerce Phishing Campaign Exploits Fake Security Alerts

Moodle Brickfield Tool CSRF Vulnerability (CVE-2025-3638): Analysis and Mitigation

Tenable Vulnerability Watch: A New Approach to Prioritizing and Reducing Remediation Times

Virgin Media’s Mandatory Router Upgrade: Security Implications and Hidden Costs

You may have missed

Ingram Micro Global Outage: Technical Disruptions and Cybersecurity Concerns

Microsoft SharePoint Online Access Issues: Technical Analysis and Mitigation Strategies

Russia’s Throttling of Cloudflare: Technical Impact and Security Implications

Livestreamed Child Exploitation: Technical and Legal Implications of a Disturbing Case