More results...
Samsung users across West Asia and North Africa are raising serious privacy concerns over AppCloud. This pre-installed bloatware application collects sensitive personal data without consent. It cannot be easily removed from Galaxy A and M series smartp…
IBM has released critical security updates addressing four severe vulnerabilities in AIX and VIOS systems that could allow remote attackers to execute arbitrary commands, steal credentials, and traverse system directories. The vulnerabilities affect mu…
Security researchers at Oligo Security have uncovered a series of critical Remote Code Execution vulnerabilities affecting widely deployed AI inference servers from major technology companies. The flaws affect frameworks developed by Meta, NVIDIA, Micr…
The U.S. Justice Department has announced a significant crackdown on North Korean cybercrime operations, securing five guilty pleas and initiating civil forfeiture actions totaling over $15 million against schemes orchestrated by the Democratic People&…
Cybersecurity researchers have observed a dramatic escalation in attacks exploiting a critical XWiki vulnerability, with multiple threat actors now leveraging CVE-2025-24893 to deploy botnets, cryptocurrency miners, and custom malware toolkits. The vu…
Security researchers have uncovered a critical vulnerability in Cursor, the AI-powered code editor, that allows attackers to inject malicious code through rogue Model Context Protocol (MCP) servers. Unlike VS Code, Cursor lacks integrity checks on its …
NVIDIA has released critical security patches addressing two high-severity vulnerabilities in its NeMo Framework that could allow attackers to execute arbitrary code and escalate privileges on affected systems. The vulnerabilities affect all versions o…
A critical unauthenticated SQL injection vulnerability has been discovered in Zoho Analytics Plus on-premise, posing a severe risk to organizations running affected versions. Tracked as CVE-2025-8324, this flaw enables attackers to execute arbitrary SQ…
The Washington Post disclosed a significant data breach affecting more than 9,700 employees and contractors following an external system compromise targeting its Oracle E-Suite infrastructure. The breach, which occurred on July 10, 2025, went undetecte…
A critical Remote Code Execution vulnerability has been patched in Imunify360 AV, a security product protecting approximately 56 million websites worldwide. Hosting companies must apply the patch immediately to prevent potential server compromises. The…