CVE/vulnerability
Ingress NGINX RCE Vulnerability Allows Attackers to Compromise Entire Cluster
A series of remote code execution (RCE) vulnerabilities known as "IngressNightmare" have been discovered in the Ingress NGINX Controller for Kubernetes. These vulnerabilities, identified as CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974, pose a critical threat...
cyber security
Enhancing Satellite Security by Encrypting Video Data Directly on Payloads
The rapid expansion of low-Earth orbit (LEO) satellite constellations has underscored the need for secure video transmission in satellite communication systems. Applications such as...
cyber security
CleanStack: Dual-Stack Solution to Defend Against Memory Corruption Attacks
CleanStack is a novel stack protection mechanism designed to combat memory corruption attacks, which have long been a significant threat to software systems. These...
CVE/vulnerability
WordPress Plugin Vulnerability Opens Door to SQL Injection Exploits
A critical vulnerability in the popular WordPress plugin GamiPress has been uncovered, leaving users exposed to unauthenticated SQL injection attacks. The issue, assigned the identifier...
CVE/vulnerability
WordPress Plugin Flaw Exposes 200,000+ Sites at Risk of Code Execution
A critical security vulnerability has been discovered in the popular WordPress plugin, WP Ghost, which boasts over 200,000 active installations. This flaw, tracked as CVE-2025-26909,...
CVE/vulnerability
Critical Next.js Middleware Vulnerability Allows Attackers to Bypass Authorization
A severe vulnerability has been identified in Next.js, a popular React framework used for building web applications, under the designation CVE-2025-29927. This critical flaw allows...
cyber security
Researchers Reveal macOS Vulnerability Exposing System Passwords
A recent article by Noah Gregory has highlighted a significant vulnerability in macOS, identified as CVE-2024-54471, which was patched in the latest security updates...
Cloud
JumpServer Flaws Allow Attackers to Bypass Authentication and Gain Full Control
JumpServer, a widely used open-source Privileged Access Management (PAM) tool developed by Fit2Cloud, has been found to have critical security vulnerabilities. These flaws, recently...
CVE/vulnerability
Hackers Actively Exploit Apache Tomcat Servers via CVE-2025-24813 – Patch Now
A concerning development has emerged with the active exploitation of Apache Tomcat servers through the recently disclosed vulnerability, CVE-2025-24813. This vulnerability allows attackers to potentially...
APT
UAT-5918 Hackers Exploit N-Day Vulnerabilities in Exposed Web and Application Servers
A recent cybersecurity threat, identified as UAT-5918, has been actively targeting entities in Taiwan, particularly those in critical infrastructure sectors such as telecommunications, healthcare,...
CVE/vulnerability
Veeam RCE Vulnerability Allows Domain Users to Hack Backup Servers
Researchers uncovered critical Remote Code Execution (RCE) vulnerabilities in the Veeam Backup & Replication solution. These vulnerabilities, which include CVE-2025-23120, exploit weaknesses in deserialization mechanisms,...