vulnerability

Critical Commvault Path Traversal Vulnerability (CVE-2025-34028) Added to CISA KEV Catalog

CVE News

Critical Commvault Path Traversal Vulnerability (CVE-2025-34028) Added to CISA KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has escalated the urgency around a critical vulnerability in...

Critical OpenCTI Container Escalation Vulnerability (CVE-2025-24977) Exposes Infrastructure to Attacks

CVE News

Critical OpenCTI Container Escalation Vulnerability (CVE-2025-24977) Exposes Infrastructure to Attacks

A critical vulnerability in OpenCTI, tracked as CVE-2025-24977, allows authenticated users to execute arbitrary commands on the...

Critical AirPlay Vulnerabilities (AirBorne) Enable Wormable Zero-Click RCE on Apple Devices

CVE News

Critical AirPlay Vulnerabilities (AirBorne) Enable Wormable Zero-Click RCE on Apple Devices

Apple’s AirPlay protocol, a proprietary wireless technology used for streaming audio and video across devices, was found...

SonicWall Vulnerabilities Confirmed as Actively Exploited by CISA

CVE News

SonicWall Vulnerabilities Confirmed as Actively Exploited by CISA

The US Cybersecurity and Infrastructure Security Agency (CISA) has officially added two critical vulnerabilities affecting SonicWall Secure...

7 Critical Smartphone Security Measures for Enterprise Protection

Blue-Team

7 Critical Smartphone Security Measures for Enterprise Protection

Smartphones have become prime targets for cyber threats, from border surveillance to sophisticated malware. For organizations, securing...

Microsoft Silently Resolves Windows 10 Start Menu Jump List Bug

News

Microsoft Silently Resolves Windows 10 Start Menu Jump List Bug

Microsoft has quietly addressed a bug affecting Start Menu jump lists on Windows 10 version 22H2 systems....

xAI API Key Leak Exposes Private SpaceX and Tesla LLMs for Two Months

Data Breach

xAI API Key Leak Exposes Private SpaceX and Tesla LLMs for Two Months

A developer at Elon Musk’s artificial intelligence company xAI accidentally leaked a private API key on GitHub,...

CISA Adds SAP NetWeaver Vulnerability to Known Exploited Catalog: Analysis and Mitigation

CVE News

CISA Adds SAP NetWeaver Vulnerability to Known Exploited Catalog: Analysis and Mitigation

The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with CVE-2025-31324,...

Apple AirPlay Zero-Click RCE Vulnerabilities: Technical Analysis and Mitigation

CVE News

Apple AirPlay Zero-Click RCE Vulnerabilities: Technical Analysis and Mitigation

A set of critical vulnerabilities in Apple’s AirPlay Protocol and AirPlay SDK, collectively dubbed “AirBorne,” exposes devices...

Critical Vulnerabilities in Delta Electronics ISPSoft Expose Industrial Systems to Arbitrary Code Execution

CVE News

Critical Vulnerabilities in Delta Electronics ISPSoft Expose Industrial Systems to Arbitrary Code Execution

Delta Electronics’ ISPSoft programming software, widely used in industrial automation systems, contains multiple critical vulnerabilities that could...

Increased Scanning Activity Targeting SMS Gateways and APIs: Risks and Mitigation

Threat Intelligence

Increased Scanning Activity Targeting SMS Gateways and APIs: Risks and Mitigation

Recent reports highlight a surge in scanning activity targeting SMS gateways and APIs, with attackers seeking to...

Critical SQL Injection Vulnerability in PHPGurukul Rail Pass Management System (CVE-2025-4039)

CVE News

Critical SQL Injection Vulnerability in PHPGurukul Rail Pass Management System (CVE-2025-4039)

A critical SQL injection vulnerability (CVE-2025-4039) has been identified in PHPGurukul’s Rail Pass Management System version 1.0,...

Critical YesWiki Vulnerability (CVE-2025-46348) Allows Unauthenticated Backup Exfiltration

CVE News

Critical YesWiki Vulnerability (CVE-2025-46348) Allows Unauthenticated Backup Exfiltration

A critical vulnerability in YesWiki, tracked as CVE-2025-46348, allows unauthenticated attackers to create and download site backups...

MSSQL Injection Attacks: Tactics, Case Studies, and Mitigation Strategies

Red-Team

MSSQL Injection Attacks: Tactics, Case Studies, and Mitigation Strategies

Recent reports highlight a surge in MSSQL injection attacks, with threat actors exploiting vulnerabilities to execute remote...

CVE-2017-18362: Critical SQL Injection in ConnectWise ManagedITSync Integration

CVE News

CVE-2017-18362: Critical SQL Injection in ConnectWise ManagedITSync Integration

A critical SQL injection vulnerability (CVE-2017-18362) in ConnectWise’s ManagedITSync integration exposed Kaseya VSA servers to unauthenticated remote...

MSSQL Attack Mitigation: A Case Study in Incident Response

Blue-Team

MSSQL Attack Mitigation: A Case Study in Incident Response

When a database outage escalates into a full-blown security incident, the response strategy determines whether an organization...

Apache Tomcat CVE-2025-23181: Unprivileged Command Execution Vulnerability Analysis

CVE News

Apache Tomcat CVE-2025-23181: Unprivileged Command Execution Vulnerability Analysis

A newly disclosed vulnerability in Apache Tomcat, tracked as CVE-2025-23181, allows unprivileged command execution with a CVSS...

CVE-2025-45947: Critical RCE Vulnerability in PhpGurukul Online Banquet Booking System

CVE News

CVE-2025-45947: Critical RCE Vulnerability in PhpGurukul Online Banquet Booking System

A critical remote code execution (RCE) vulnerability has been identified in PhpGurukul’s Online Banquet Booking System (OBBS)...

WooCommerce Phishing Campaign Delivers Backdoors via Fake Security Patches

Threat Intelligence

WooCommerce Phishing Campaign Delivers Backdoors via Fake Security Patches

A sophisticated phishing campaign is targeting WooCommerce users with fraudulent emails urging them to install a fake...

How Breaches Start: Analyzing 5 Real-World Vulnerabilities

News

How Breaches Start: Analyzing 5 Real-World Vulnerabilities

Not every security vulnerability poses an immediate high risk, but attackers often chain seemingly minor flaws to...

Posts pagination

Previous 1 … 3 4 5 6 7 8 9 … 20 Next

vulnerability

Critical Commvault Path Traversal Vulnerability (CVE-2025-34028) Added to CISA KEV Catalog

Critical OpenCTI Container Escalation Vulnerability (CVE-2025-24977) Exposes Infrastructure to Attacks

Critical AirPlay Vulnerabilities (AirBorne) Enable Wormable Zero-Click RCE on Apple Devices

SonicWall Vulnerabilities Confirmed as Actively Exploited by CISA

7 Critical Smartphone Security Measures for Enterprise Protection

Microsoft Silently Resolves Windows 10 Start Menu Jump List Bug

xAI API Key Leak Exposes Private SpaceX and Tesla LLMs for Two Months

CISA Adds SAP NetWeaver Vulnerability to Known Exploited Catalog: Analysis and Mitigation

Apple AirPlay Zero-Click RCE Vulnerabilities: Technical Analysis and Mitigation

Critical Vulnerabilities in Delta Electronics ISPSoft Expose Industrial Systems to Arbitrary Code Execution

Increased Scanning Activity Targeting SMS Gateways and APIs: Risks and Mitigation

Critical SQL Injection Vulnerability in PHPGurukul Rail Pass Management System (CVE-2025-4039)

Critical YesWiki Vulnerability (CVE-2025-46348) Allows Unauthenticated Backup Exfiltration

MSSQL Injection Attacks: Tactics, Case Studies, and Mitigation Strategies

CVE-2017-18362: Critical SQL Injection in ConnectWise ManagedITSync Integration

MSSQL Attack Mitigation: A Case Study in Incident Response

Apache Tomcat CVE-2025-23181: Unprivileged Command Execution Vulnerability Analysis

CVE-2025-45947: Critical RCE Vulnerability in PhpGurukul Online Banquet Booking System

WooCommerce Phishing Campaign Delivers Backdoors via Fake Security Patches

How Breaches Start: Analyzing 5 Real-World Vulnerabilities

You may have missed

U.S. Sanctions Grinex Crypto-Exchange as Garantex Successor in Crackdown on Ransomware Money Laundering

Meta’s Erroneous Instagram Account Bans: Technical Implications for Security Teams

Supreme Court’s Decision on Mississippi Social Media Age Verification Law: Technical and Legal Implications

Microsoft Resolves Critical Windows Server Cluster and VM Stability Issues