Cyber Security News
Model Context Protocol Flaw Allows Attackers to Compromise Victim Systems
A critical vulnerability in the widely adopted Model Context Protocol (MCP), an open standard for integrating generative AI (GenAI) tools with external systems, has...
CVE/vulnerability
Critical Erlang/OTP SSH Vulnerability Allow Hackers Execute Arbitrary Code Remotely
A major security flaw has been uncovered in the widely used Erlang/OTP SSH implementation, drawing urgent attention from the cybersecurity community worldwide.
The vulnerability, tracked...
CVE/vulnerability
CISA Warns of Potential Credential Exploits Linked to Oracle Cloud Hack
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a public warning following reports of possible unauthorized access to a legacy Oracle Cloud environment.
While...
CVE/vulnerability
Critical Flaw in PHP’s extract() Function Enables Arbitrary Code Execution
A critical vulnerability in PHP’s extract() function has been uncovered, enabling attackers to execute arbitrary code by exploiting memory corruption flaws.
The issue affects PHP versions 5.x,...
CVE/vulnerability
CISA Issues Alert on SonicWall Flaw Being Actively Exploited
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert after confirming active exploitation of a SonicWall vulnerability.
The flaw, documented as CVE-2021-20035,...
CVE/vulnerability
Firefox Fixes High-Severity Vulnerability Causing Memory Corruption via Race Condition
Mozilla has released Firefox 137.0.2, addressing a high-severity security flaw that could potentially allow attackers to exploit memory corruption.
The fix comes following the discovery...
CVE/vulnerability
Tails 6.14.2 Released with Critical Fixes for Linux Kernel Vulnerabilities
The Tails Project has urgently released Tails 6.14.2, addressing critical security vulnerabilities in the Linux kernel and the Perl programming language.
This emergency release is vital...
CVE/vulnerability
CISA Issues 9 New ICS Advisories Addressing Critical Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released nine new advisories detailing severe vulnerabilities in widely-used Industrial Control Systems (ICS) products.
These advisories,...