CVE/vulnerability
Hackers Exploit Tomcat Vulnerability to Hijack Apache Servers
A recent and significant cybersecurity threat has emerged involving a critical vulnerability in Apache Tomcat, identified as CVE-2025-24813.This vulnerability allows for remote code execution, potentially allowing hackers to hijack...
CVE/vulnerability
Adobe Acrobat Vulnerabilities Enable Remote Code Execution
A recent disclosure by Cisco Talos' Vulnerability Discovery & Research team highlighted several vulnerability issues in Adobe Acrobat.All of these vulnerabilities have been addressed...
CVE/vulnerability
Hackers Target TP-Link Vulnerability to Gain Full System Control
Hackers exploit a vulnerability in TP-Link routers, specifically the TL-WR845N model, to gain full control over the system.This exploit allows unauthorized users to access...
CVE/vulnerability
Cisco Warns of Critical IOS XR Vulnerability Enabling DoS Attacks
Cisco has issued a security advisory warning of a vulnerability in its IOS XR Software that could allow attackers to launch denial-of-service (DoS) attacks. The...
CVE/vulnerability
Critical ruby-saml Vulnerabilities Allow Attackers to Bypass Authentication
A critical security vulnerability has been identified in the ruby-saml library, a popular tool used for Single Sign-On (SSO) via Security Assertion Markup Language...
APT
Blind Eagle Targets Organizations with Weaponized .URL Files to Steal User Hashes
APT-C-36, more commonly known as Blind Eagle, has intensified its operations targeting Colombian governmental, financial, and critical infrastructure organizations.Active since 2018, this Advanced Persistent...
CVE/vulnerability
Apache NiFi Vulnerability Exposes MongoDB Credentials to Attackers
A critical security vulnerability has been identified in Apache NiFi, a popular open-source data integration tool.The vulnerability, tracked as CVE-2025-27017, allows authorized users with...
CVE/vulnerability
Microsoft Finally Patches 2-Year-Old Windows Kernel Security Flaw
Microsoft has released a critical patch for a 2-year-old Windows kernel security vulnerability.This vulnerability, identified as CVE-2025-24983, allows attackers to exploit a weakness...
CVE/vulnerability
Bitdefender Identifies Security Vulnerabilities Enabling Man-in-the-Middle Exploits
Cybersecurity firm Bitdefender has disclosed two high-severity security vulnerabilities affecting its legacy BOX v1 device, exposing users to potential remote code execution and man-in-the-middle...
CVE/vulnerability
FreeType Vulnerability Actively Exploited for Arbitrary Code Execution
A significant vulnerability has been identified in the FreeType library, a widely used open-source font rendering engine.This vulnerability tracked as CVE-2025-27363, is being actively...
CVE/vulnerability
Tenda AC7 Vulnerability Lets Hackers Execute Malicious Payloads for Root Access
A vulnerability has been discovered in the Tenda AC7 router, firmware version V15.03.06.44, which allows attackers to execute malicious payloads and gain root access.As...