More results...
A critical security vulnerability has been discovered in Apache bRPC that allows attackers to remotely crash services through network-based denial of service attacks. The vulnerability, designated as CVE-2025-54472, affects all versions of Apache bRPC …
Security researcher Ionuț Cernica revealed how commonplace Linux utilities can be weaponized to siphon sensitive data in multi-tenant environments. His talk, “Silent Leaks: Harvesting Secrets from Shared Linux Environments,” exposed that without any ro…
Security researchers at AmberWolf have uncovered critical vulnerabilities in leading Zero Trust Network Access (ZTNA) solutions from major cybersecurity vendors, potentially exposing thousands of organizations to authentication bypasses and privilege e…
A vulnerability in Microsoft Windows’ Remote Procedure Call (RPC) protocol has been discovered that allows attackers to manipulate core system communications and launch sophisticated server spoofing attacks. The flaw, designated CVE-2025-49760, e…
Xerox Corporation has released critical security updates for its FreeFlow Core software, addressing two significant vulnerabilities that could allow attackers to perform server-side request forgery (SSRF) attacks and achieve remote code execution on af…
A security vulnerability has been discovered in the popular 7-Zip file compression utility that could allow attackers to write arbitrary files to victim systems and potentially execute malicious code. The flaw, tracked as CVE-2025-55188, affects all ve…
Cisco Talos’ Vulnerability Discovery & Research team has disclosed a total of 12 critical security vulnerabilities across three popular software platforms, highlighting significant security risks that could potentially impact millions of user…
The Cybersecurity and Infrastructure Security Agency (CISA) has issued Emergency Directive 25-02 on August 7, 2025, requiring federal agencies to immediately address a critical vulnerability in Microsoft Exchange hybrid configurations that could allow …
Security researchers have successfully demonstrated a sophisticated exploit of the Retbleed vulnerability, a critical CPU security flaw that allows attackers to read arbitrary memory from any process running on affected systems. The exploit, which…
Akamai Technologies disclosed a critical HTTP request smuggling vulnerability affecting its content delivery network platform that could allow attackers to inject hidden secondary requests through a sophisticated exploitation technique. The vulnerabili…