Vulnerability

In this section, we talk about the newest information about vulnerabilities, such as stories on newly found security holes, patches, and updates. Keep up with the latest major flaws in systems, hardware, and software, as well as the best ways to reduce risks. Our coverage gives you information on how these holes in security affect things and what you can do to avoid them.

Chinese Hackers Exploit Ivanti VPN Vulnerability to Deliver Malware Payloads

Ivanti disclosed a critical security vulnerability, CVE-2025-22457, affecting its Connect Secure (ICS) VPN appliances, particularly versions 22.7R2.5 and earlier. This…

2 days ago

Vite Development Server Flaw Allows Attackers Bypass Path Restrictions

A critical security vulnerability, CVE-2025-31125, has been identified in the Vite development server. Due to improper path verification during URL request…

2 days ago

Critical Apache Parquet Vulnerability Allows Remote Code Execution

A severe vulnerability has been identified in the Apache Parquet Java library, specifically within its parquet-avro module. This flaw, tracked as CVE-2025-30065, exposes…

2 days ago

Halo ITSM Vulnerability Lets Attackers Inject Malicious SQL Code

A critical security flaw has been discovered in Halo ITSM, an IT support management software widely deployed across cloud and on-premise…

2 days ago

OpenVPN Flaw Allows Attackers Crash Servers and Run Remote Code

OpenVPN, a widely-used open-source virtual private network (VPN) software, has recently patched a security vulnerability that could allow attackers to…

2 days ago

Apache Traffic Server Flaw Allows Request Smuggling Attacks

A critical vulnerability has been discovered in Apache Traffic Server (ATS), an open-source caching proxy server. Identified as CVE-2024-53868, this flaw…

2 days ago

Cisco AnyConnect VPN Server Vulnerability Allows Attackers to Trigger DoS

Cisco has disclosed a significant vulnerability in its AnyConnect VPN Server for Meraki MX and Z Series devices, allowing authenticated attackers to…

3 days ago

SonicWall Firewall Vulnerability Enables Unauthorized Access

Researchers from Bishop Fox have successfully exploited CVE-2024-53704, an authentication bypass vulnerability that affects SonicWall firewalls. This critical flaw allows remote…

3 days ago

Russian Seashell Blizzard Targets Organizations Using Custom-Built Hacking Tools

Seashell Blizzard, also known as APT44, Sandworm, and Voodoo Bear, has emerged as a sophisticated adversary targeting critical sectors worldwide.…

3 days ago

Hackers Exploit Apache Tomcat Flaw to Hijack Servers and Steal SSH Credentials

A newly discovered attack campaign has exposed vulnerabilities in Apache Tomcat servers, allowing hackers to hijack resources and steal SSH…

3 days ago