CVE/vulnerability
CISA Issues 10 ICS Advisories Addressing Critical Vulnerabilities and Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) has issued ten new Industrial Control Systems (ICS) advisories to address critical vulnerabilities and exploits that could impact key industrial systems.Released on...
Cyber Security News
Calix Devices Vulnerable to Pre-Auth RCE on Port 6998, Root Access Possible
A severe security flaw enabling unauthenticated remote code execution (RCE) with root privileges has been uncovered in select Calix networking devices, raising alarms for...
CVE/vulnerability
AMD CPU Signature Verification Vulnerability Enables Unauthorized Microcode Execution
A vulnerability in AMD CPUs has been uncovered, enabling attackers with administrative privileges to bypass microcode signature verification and execute malicious code.Designated as CVE-2024-36347 (CVSS score:...
CVE/vulnerability
Ivanti 0-Day RCE Flaw Exploitation Details Revealed
A critical unauthenticated Remote Code Execution (RCE) vulnerability, CVE-2025-22457, has been disclosed by Ivanti, sparking concerns across the cybersecurity industry.The flaw, which affects several Ivanti products, allows...
CVE/vulnerability
Jenkins Docker Vulnerability Allows Hackers to Hijack Network Traffic
A newly disclosed vulnerability affecting Jenkins Docker images has raised serious concerns about network security.The vulnerability, stemming from the reuse of SSH host keys,...
cyber security
Rogue Account‑Creation Flaw Leaves 100 K WordPress Sites Exposed
A severe vulnerability has been uncovered in the SureTriggers WordPress plugin, which could leave over 100,000 websites at risk.The issue, discovered by security researcher...
CVE/vulnerability
Dell Alerts Users to Critical PowerScale OneFS Flaws Enabling Account Takeover
Dell Technologies has issued an urgent security advisory to its users, warning of several critical vulnerabilities in its PowerScale OneFS operating system.These flaws, if...
CVE/vulnerability
SonicWall Patches Multiple Vulnerabilities in NetExtender Windows Client
SonicWall has issued a critical alert concerning multiple vulnerabilities discovered in its NetExtender Windows client.These vulnerabilities, identified via several Common Vulnerabilities and Exposures (CVEs),...
CVE/vulnerability
Langflow AI Builder Vulnerability Allows Remote Server Takeover by Attackers
A critical security vulnerability has been discovered in the Langflow AI Builder, a popular tool for creating agentic AI workflows.The flaw, tracked as CVE-2025-3248, enables...
CVE/vulnerability
TP-Link Smart Hub Flaw Exposes Users’ Wi-Fi Credentials
A critical vulnerability has been discovered in TP-Link’s Smart Hub, potentially exposing users’ Wi-Fi credentials to malicious actors.This flaw could allow attackers to gain...
CVE/vulnerability
Microsoft Identity Web Flaw Exposes Sensitive Client Secrets and Certificates
A new vulnerability has been discovered in the Microsoft.Identity.Web NuGet package under specific conditions, potentially exposing sensitive information such as client secrets and certificate...