Vulnerability Analysis

This section has all the newest information on vulnerability analysis, such as reports on newly found vulnerabilities, assessment methods, and ways to fix them. Keep up to date on software and system security holes, risk levels analyzed by experts, and the best ways to find and stop possible threats. Our coverage helps you stay on top of new security holes and improves your overall security.

New Microsoft Windows GUI 0-Day Vulnerability Actively Exploited in the Wild

A newly discovered vulnerability in Microsoft Windows, identified by ClearSky Cyber Security, is reportedly being actively exploited by the Chinese…

1 week ago

Fortinet FortiOS & FortiProxy Zero-Day Exploited to Hijack Firewall & Gain Super Admin Access

Cybersecurity firm Fortinet has issued an urgent warning regarding a newly discovered zero-day authentication bypass vulnerability (CVE-2025-24472) affecting its FortiOS…

1 week ago

Security Researchers Discover Critical RCE Vulnerability, Earned $40,000 Bounty

Cybersecurity researchers Abdullah Nawaf and Orwa Atyat, successfully escalated a limited path traversal vulnerability into a full-blown remote code execution…

1 month ago

New Botnet Exploiting DNS Records Misconfiguration To Deliver Malware

Botnets are the networks of compromised devices that have evolved significantly since the internet's inception. Threat actors exploit vulnerabilities to…

1 month ago

New Botnet Exploiting D-Link Routers To Gain Control Remotely

Researchers observed a recent surge in activity from the "FICORA" and "CAPSAICIN," both variants of Mirai and Kaiten, respectively, which…

2 months ago

McDonald’s Delivery App Bug Let Customers Orders For Just $0.01

McDonald's India (West & South) / Hardcastle Restaurants Pvt. Ltd. operates a custom McDelivery web app for ordering McDonald's food…

2 months ago

Hackers Exploiting PLC Controllers In US Water Management System To Gain Remote Access

A joint Cybersecurity Advisory (CSA) warns of ongoing exploitation attempts by Iranian Islamic Revolutionary Guard Corps (IRGC)-affiliated cyber actors using…

2 months ago

Malicious Supply Chain Attacking Moving From npm Community To VSCode Marketplace

Researchers have identified a rise in malicious activity on the VSCode Marketplace, highlighting the vulnerability of the platform to supply…

2 months ago

Spring Framework Path Traversal Vulnerability (CVE-2024-38819) PoC Exploit Released

A Proof of Concept (PoC) exploit for the critical path traversal vulnerability identified as CVE-2024-38819 in the Spring Framework has…

2 months ago

New AI Tool To Discover 0-Days At Large Scale With A Click Of A Button

Vulnhuntr, a static code analyzer using large language models (LLMs), discovered over a dozen zero-day vulnerabilities in popular open-source AI…

4 months ago