CVE/vulnerability
Palo Alto Networks Expedition Tool Vulnerability Let Attackers Access Cleartext Passwords
A series of serious vulnerabilities has been identified in Palo Alto Networks' Expedition migration tool, which could allow attackers to gain unauthorized access to...
CVE/vulnerability
Ivanti 0-Day Vulnerability Exploited in Wild-Patch Now
Ivanti released a critical security advisory addressing vulnerabilities in its Connect Secure, Policy Secure, and ZTA Gateways products. This advisory reveals the existence of...
Chrome
Chrome Security Update – Patch for Multiple Security Vulnerabilities
Google has released an update for its Chrome web browser, advancing to version 131.0.6778.264/.265 for Windows and Mac, and 131.0.6778.264 for Linux. This update addresses...
CVE/vulnerability
Oracle WebLogic Vulnerability Actively Exploited in Cyber Attacks – CISA
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding the active exploitation of critical vulnerabilities in various software, particularly spotlighting an...
Cyber Security News
Hackers Weaponize Security Testing By Weaponizing npm, PyPI, & Ruby Exploit Packages
Over the past year, malicious actors have been abusing OAST services for data exfiltration, C2 channel establishment, and multi-stage attacks by leveraging compromised JavaScript,...
Android
Android Security Updates: Patch for Critical RCE Vulnerabilities
The January 2025 Android Security Bulletin has issued important updates regarding critical vulnerabilities that affect Android devices. Users are urged to ensure their devices are...
CVE/vulnerability
WordPress Plugin Vulnerability Exposes 3 Million Websites to Injection Attacks
A critical vulnerability has been identified in the popular UpdraftPlus: WP Backup & Migration Plugin, potentially impacting over 3 million WordPress websites. This security flaw...
Cyber Attack
Malicious npm Packages Stealing Developers’ Sensitive Data
Attackers published 20 malicious npm packages impersonating legitimate Nomic Foundation and Hardhat plugins, where these packages, downloaded over 1,000 times, compromised development environments and...