More results...
Google has issued an urgent security update for its Chrome browser, addressing a critical zero-day vulnerability that is being actively exploited by attackers. The flaw, tracked as CVE-2025-6554, is a type confusion vulnerability in Chro…
A series of critical security vulnerabilities have been identified in D-Link DIR-816 routers, exposing users worldwide to the risk of remote code execution and network compromise. The flaws affect all hardware revisions and firmware versions of t…
A critical security vulnerability, tracked as CVE-2025-36038, has been discovered in IBM WebSphere Application Server, exposing organizations to the risk of remote code execution by unauthenticated attackers. This flaw, which affects widely deployed ve…
A critical vulnerability in Synology’s Active Backup for Microsoft 365 (ABM) has exposed sensitive data from Microsoft 365 tenants worldwide, potentially impacting over a million organizations relying on the popular backup solution. The flaw,…
In a major security revelation, researchers have uncovered critical vulnerabilities in millions of Bluetooth headphones and earbuds, enabling hackers to eavesdrop on conversations, hijack devices, and access sensitive data—all without user authenticati…
A newly disclosed critical vulnerability in Hunt Electronics’ hybrid DVRs has left thousands of surveillance systems dangerously exposed, with administrator credentials accessible in plaintext to anyone on the internet. Security researchers have assign…
A critical security vulnerability has been discovered in multiple Mitsubishi Electric air conditioning systems, potentially allowing hackers to bypass authentication and remotely control affected units. The flaw, identified as CVE-2025-3699, was disclo…
A critical pre-authentication vulnerability (CVE-2025-6709) in MongoDB Server enables unauthenticated attackers to trigger denial-of-service (DoS) conditions by exploiting improper input validation in OIDC authentication. The flaw allows malicious acto…
A newly disclosed critical vulnerability in the Open VSX Registry, the open-source marketplace for Visual Studio Code (VS Code) extensions, has put millions of developers worldwide at risk of devastating supply chain attacks. The flaw, discovered by cy…
Cisco has issued urgent security patches addressing two critical vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) platforms. These flaws, which both carry the highest possible CVSS severity score of 10….