More results...
The Open Web Application Security Project (OWASP) has officially unveiled the eighth edition of its influential Top 10 security risks list for 2025, introducing significant changes that reflect the evolving landscape of application security threats. Th…
The infamous Meow attack, which devastated unsecured databases since 2020, has resurfaced with renewed force through MAD-CAT (Meow Attack Data Corruption Automation Tool). This custom-built adversarial simulation tool demonstrates how easily attackers …
A critical remote code execution vulnerability has been discovered in the widely used JavaScript library expr-eval, affecting thousands of projects that rely on it for mathematical expression evaluation and natural language processing. The vulnerabilit…
HackGPT Enterprise has officially launched as a production-ready, cloud-native AI-powered penetration testing platform designed specifically for enterprise security teams. Created by Yashab Alam, Founder and CEO of ZehraSec, the platform represents a s…
Intel is pursuing legal action against a former software engineer who the company claims downloaded thousands of confidential files shortly after being fired in July. The incident highlights growing concerns about data security during workforce reducti…
A critical remote code execution vulnerability has been discovered in LangGraph’s checkpoint serialization library, affecting versions before 3.0. The flaw resides in the JsonPlusSerializer component, which is the default serialization protocol u…
Elastic has released a security advisory addressing a significant vulnerability in Elastic Defend that could allow attackers to escalate their privileges on Windows systems. The vulnerability, tracked as CVE-2025-37735, stems from improper preservation…
Three critical vulnerabilities in runc, the widely-used container runtime that powers Docker and Kubernetes, have been disclosed, allowing attackers to break out of container isolation and gain root access to host systems. The flaws, identified as CVE-…
Security researchers have discovered an actively exploited remote code execution vulnerability in Monsta FTP, a web-based FTP client used by financial institutions, enterprises, and individual users worldwide. The flaw, now tracked as CVE-2025-34299, a…
A new ransomware group, Cephalus, has emerged in the cybersecurity threat landscape, targeting organizations through compromised Remote Desktop Protocol (RDP) accounts. First detected in mid-June 2025, this group represents a growing threat to business…