More results...
Keygraph has unveiled Shannon, a fully autonomous artificial intelligence pentester designed to discover and execute real exploits in web applications. Unlike conventional vulnerability scanners that generate false positives, Shannon bridges a critical…
Atlassian has released software updates for Bamboo, Bitbucket, Confluence, Crowd, Fisheye/Crucible, and Jira.
The post Atlassian Patches Critical Apache Tika Flaw appeared first on SecurityWeek.
Apple has released macOS and iOS updates to patch two WebKit zero-days exploited in an “extremely sophisticated” attack.
The post Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw appeared first on SecurityWeek.
Apple has issued critical security patches addressing two actively exploited zero-day vulnerabilities affecting iPhone and iPad devices. The tech giant confirmed that both flaws were leveraged in extremely sophisticated attacks targeting specific indiv…
Threat actors have hacked at least nine organizations by exploiting the recently patched Gladinet CentreStack flaw.
The post Gladinet CentreStack Flaw Exploited to Hack Organizations appeared first on SecurityWeek.
Because user input is not sufficiently sanitized, attackers could exploit the flaw to define external entities within an XML request.
The post Recent GeoServer Vulnerability Exploited in Attacks appeared first on SecurityWeek.
XSS remains the top software weakness, followed by SQL injection and CSRF. Buffer overflow issues and improper access control make it to top 25.
The post MITRE Releases 2025 List of Top 25 Most Dangerous Software Vulnerabilities appeared first on Secur…
All critical vulnerabilities in Microsoft, third-party, and open source code are eligible for rewards if they impact Microsoft services.
The post Microsoft Bug Bounty Program Expanded to Third-Party Code appeared first on SecurityWeek.
Participants earned rewards at the hacking competition for Grafana, Linux Kernel, Redis, MariaDB, and PostgreSQL vulnerabilities.
The post $320,000 Paid Out at Zeroday.Cloud for Open Source Software Exploits appeared first on SecurityWeek.
The exploited flaw allows attackers to overwrite files outside the repository, leading to remote code execution.
The post Unpatched Gogs Zero-Day Exploited for Months appeared first on SecurityWeek.