Vulnerability

Multiple Jenkins Vulnerabilities Allow Attackers to Expose SecretsMultiple Jenkins Vulnerabilities Allow Attackers to Expose Secrets

Multiple Jenkins Vulnerabilities Allow Attackers to Expose Secrets

Jenkins, the widely-used open-source automation server, issued a high-priority security advisory on March 5, 2025, disclosing four medium-severity vulnerabilities affecting…

3 months ago
AMD Microcode Vulnerability Allows Attackers to Load Malicious PatchesAMD Microcode Vulnerability Allows Attackers to Load Malicious Patches

AMD Microcode Vulnerability Allows Attackers to Load Malicious Patches

A critical vulnerability in AMD’s Zen 1 through Zen 4 processors allows attackers to bypass microcode signature validation, potentially undermining…

3 months ago
FBI Warns: Threat Actors Impersonating BianLian Group to Target Corporate ExecutivesFBI Warns: Threat Actors Impersonating BianLian Group to Target Corporate Executives

FBI Warns: Threat Actors Impersonating BianLian Group to Target Corporate Executives

The Federal Bureau of Investigation (FBI) issued a critical alert through its Internet Crime Complaint Center (IC3) warning of a…

3 months ago
Apache Airflow Misconfigurations Leak Login Credentials to HackersApache Airflow Misconfigurations Leak Login Credentials to Hackers

Apache Airflow Misconfigurations Leak Login Credentials to Hackers

A recent investigation into misconfigured Apache Airflow instances has uncovered critical vulnerabilities exposing login credentials, API keys, and cloud service…

3 months ago
Critical IDOR Vulnerabilities in ZITADEL Let Hackers Modify Key SettingsCritical IDOR Vulnerabilities in ZITADEL Let Hackers Modify Key Settings

Critical IDOR Vulnerabilities in ZITADEL Let Hackers Modify Key Settings

Security researchers have disclosed critical Insecure Direct Object Reference (IDOR) vulnerabilities in ZITADEL’s administration interface that expose organizations to account takeover risks…

3 months ago
LibreOffice Flaw Allows Attackers to Run Arbitrary Scripts via Macro URLLibreOffice Flaw Allows Attackers to Run Arbitrary Scripts via Macro URL

LibreOffice Flaw Allows Attackers to Run Arbitrary Scripts via Macro URL

A significant security vulnerability in LibreOffice, designated as CVE-2025-1080, has been patched in versions 24.8.5 and 25.2.1, released on March…

3 months ago
Technical Analysis Released on Bybit Hot Wallet ExploitTechnical Analysis Released on Bybit Hot Wallet Exploit

Technical Analysis Released on Bybit Hot Wallet Exploit

Cryptocurrency exchange Bybit suffered a sophisticated smart contract exploit on February 21, 2025, resulting in the theft of 401,346.76 ETH…

3 months ago
CISA Issues Alert on Actively Exploited VMware VulnerabilitiesCISA Issues Alert on Actively Exploited VMware Vulnerabilities

CISA Issues Alert on Actively Exploited VMware Vulnerabilities

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) escalated warnings on March 4, 2025, by adding four severe vulnerabilities to…

3 months ago
Cisco Webex for BroadWorks Flaw Opens Door for Attackers to Access CredentialsCisco Webex for BroadWorks Flaw Opens Door for Attackers to Access Credentials

Cisco Webex for BroadWorks Flaw Opens Door for Attackers to Access Credentials

Cisco Systems has disclosed a security vulnerability in its Webex for BroadWorks unified communications platform that could allow attackers to…

3 months ago
Over 10,000 WordPress Sites Exposed by Donation Plugin Code Execution VulnerabilityOver 10,000 WordPress Sites Exposed by Donation Plugin Code Execution Vulnerability

Over 10,000 WordPress Sites Exposed by Donation Plugin Code Execution Vulnerability

A critical security flaw in the widely used GiveWP – Donation Plugin and Fundraising Platform has left over 10,000 WordPress websites vulnerable…

3 months ago