More results...
A critical vulnerability in Synology’s Active Backup for Microsoft 365 (ABM) has exposed sensitive data from Microsoft 365 tenants worldwide, potentially impacting over a million organizations relying on the popular backup solution. The flaw,…
In a major security revelation, researchers have uncovered critical vulnerabilities in millions of Bluetooth headphones and earbuds, enabling hackers to eavesdrop on conversations, hijack devices, and access sensitive data—all without user authenticati…
A patient’s death is confirmed linked to the June 2024 ransomware attack by the Qilin ransomware gang on Synnovis, crippling London’s NHS. Learn about the disruptions and Impact.
Cybercriminals use malicious AI models to write malware and phishing scams Cisco Talos warns of rising threats from uncensored and custom AI tools.
A newly disclosed critical vulnerability in Hunt Electronics’ hybrid DVRs has left thousands of surveillance systems dangerously exposed, with administrator credentials accessible in plaintext to anyone on the internet. Security researchers have assign…
A vulnerability in the extension publishing mechanism of Open VSX could have allowed attackers to tamper with any repository.
The post Vulnerability Exposed All Open VSX Repositories to Takeover appeared first on SecurityWeek.
A critical security vulnerability has been discovered in multiple Mitsubishi Electric air conditioning systems, potentially allowing hackers to bypass authentication and remotely control affected units. The flaw, identified as CVE-2025-3699, was disclo…
A critical pre-authentication vulnerability (CVE-2025-6709) in MongoDB Server enables unauthenticated attackers to trigger denial-of-service (DoS) conditions by exploiting improper input validation in OIDC authentication. The flaw allows malicious acto…
A newly disclosed critical vulnerability in the Open VSX Registry, the open-source marketplace for Visual Studio Code (VS Code) extensions, has put millions of developers worldwide at risk of devastating supply chain attacks. The flaw, discovered by cy…
A severe security flaw has been identified in IBM WebSphere Application Server, potentially allowing remote attackers to execute arbitrary code on affected systems. Tracked under CVE-2025-36038, this vulnerability stems from a deserialization of untrus…