More results...
A newly disclosed critical vulnerability (CVE-2025-4009) in Evertz’s Software Defined Video Network (SDVN) product line exposes a wide range of broadcasting infrastructure to unauthenticated remote code execution. The flaw, uncovered by ONEKEY Research…
A threat actor wielding the DragonForce ransomware has compromised an unnamed managed service provider (MSP) and pushed the malware onto its client organizations via SimpleHelp, a legitimate remote monitoring and management (RMM) tool. “Sophos MD…
On May 27, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released a new Industrial Control Systems (ICS) advisory—ICSA-25-146-01—highlighting a significant security vulnerability in the Johnson Controls iSTAR Configuration Utility (…
The Chrome team at Google has officially released Chrome 137 to the stable channel for Windows, Mac, and Linux platforms. This update, version 137.0.7151.55/56, brings a host of security improvements, bug fixes, and technical enhancements, reinforcing …
Mozilla has released Firefox 139, addressing several critical and moderate security vulnerabilities that posed significant risks to users. The update, announced on May 27, 2025, resolves issues ranging from memory corruption and local code execution to…
A severe security flaw has been identified in the TI WooCommerce Wishlist plugin, a widely used WordPress extension with over 100,000 active installations. This plugin enables WooCommerce store owners to integrate wishlist functionality into their onli…
Threat actors have exploited a critical Remote Code Execution (RCE) vulnerability, identified as CVE-2025-32432, in the Craft Content Management System (CMS). Discovered by Orange Cyberdefense in mid-February 2025 and publicly disclosed on April 25, 20…
Vulnerabilities in open source software developed and used in-house by NASA could be exploited to breach their systems, claims Leon Juranić, security researcher and founder of cybersecurity startup ThreatLeap. The vulnerabilities Juranić, whose AppSec …
At this year’s Pwn2Own Berlin, security researchers successfully demonstrated two new zero-day exploits against Mozilla Firefox, targeting the browser’s content process. The vulnerabilities—CVE-2025-4918 and CVE-2025-4919—were both found in Firefox’s J…
Critical security flaws have been identified in the eCharge Hardy Barth cPH2 and cPP2 charging stations, specifically affecting firmware version 2.2.0. These vulnerabilities, discovered by Stefan Viehböck of SEC Consult Vulnerability Lab, expose electr…