CVE/vulnerability
CrushFTP Warns of HTTP(S) Port Vulnerability Enabling Unauthorized Access
Both CrushFTP, a popular file transfer technology, and Next.js, a widely used React framework for building web applications, have come under scrutiny due to significant vulnerabilities.Rapid7 has highlighted these...
CVE/vulnerability
New Chrome Installer Fails on Windows 10 & 11 With “This app can’t run on your PC” Error
A recent snag in Google's Chrome distribution process has left Windows users unable to install the browser on their Intel and AMD systems.The issue,...
CVE/vulnerability
Critical NetApp SnapCenter Server Vulnerability Allows Attackers to Gain Admin Access
A critical vulnerability has been identified in NetApp's SnapCenter Server, affecting versions before 6.0.1P1 and 6.1P1.This flaw allows an authenticated SnapCenter Server user to...
CVE/vulnerability
Clevo Devices Vulnerable as Boot Guard Private Key Leaks via Firmware Updates
A recent investigation has revealed that several Clevo-based devices are vulnerable due to a leak of Boot Guard private keys.This vulnerability was first reported...
CVE/vulnerability
DrayTek Router Vulnerability Exploited in the Wild – Linked to Reboot Loop Issue
The cybersecurity world has been abuzz with reports of widespread reboots affecting DrayTek routers across the globe.While the exact cause of these reboots remains...
CVE/vulnerability
Appsmith Developer Tool Vulnerability Exposes Systems to Remote Code Execution
A recent analysis by Rhino Security Labs has uncovered a series of critical vulnerabilities in the Appsmith developer tool, a platform used for building...
Chrome
Google Chrome Zero-Day Vulnerability Actively Exploited in the Wild
Google has released an urgent update for its Chrome browser to patch a zero-day vulnerability known as CVE-2025-2783.This vulnerability has been actively exploited in...
CVE/vulnerability
CISA Highlights Four ICS Flaws Being Actively Exploited
The Cybersecurity and Infrastructure Security Agency (CISA) released four significant Industrial Control Systems (ICS) advisories, drawing attention to potential security risks and vulnerabilities affecting...
CVE/vulnerability
New Windows Zero-Day Vulnerability Exposes NTLM Credentials – Unofficial Patch Available
A new zero-day vulnerability has been discovered in Windows, impacting all versions from Windows 7 and Server 2008 R2 to the latest Windows 11...
CVE/vulnerability
Ingress NGINX RCE Vulnerability Allows Attackers to Compromise Entire Cluster
A series of remote code execution (RCE) vulnerabilities known as "IngressNightmare" have been discovered in the Ingress NGINX Controller for Kubernetes.These vulnerabilities, identified as CVE-2025-1097, CVE-2025-1098, CVE-2025-24514,...
CVE/vulnerability
WordPress Plugin Vulnerability Opens Door to SQL Injection Exploits
A critical vulnerability in the popular WordPress plugin GamiPress has been uncovered, leaving users exposed to unauthenticated SQL injection attacks.The issue, assigned the identifier...