A critical vulnerability in ImageMagick’s image processing library has been disclosed, enabling remote code execution through carefully crafted filename templates. Tracked as CVE-2025-53101, the flaw stems from a stack buffer underwrite in the MagickCo…

Security researchers at LRQA have uncovered a critical remote code execution (RCE) vulnerability in Broadcom’s Symantec Endpoint Management Suite, formerly known as Altiris, that could allow unauthenticated attackers to execute arbitrary code on …

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority security alert warning of serious vulnerabilities in railway brake control systems that could allow attackers to commandeer train operations and potentially cause ca…

The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Wing FTP Server vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that threat actors are actively exploiting the security flaw in the wild. Criti…

Security researchers have discovered two critical vulnerabilities in RapidFire Tools Network Detective, a widely-used network assessment and reporting tool developed by Kaseya, that expose sensitive credentials to potential attackers. The flaws, disclo…

Security researchers at Huntress have confirmed active exploitation of a critical remote code execution vulnerability in Wing FTP Server, designated CVE-2025-47812, with the first observed attack occurring just one day after the vulnerability’s p…

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding active exploitation of a newly discovered vulnerability in Citrix NetScaler ADC and Gateway systems, with organizations facing an immediate deadline to im…