More results...
A critical security vulnerability has been discovered in Fortinet’s FortiWeb web application firewall that allows unauthenticated attackers to execute malicious SQL commands through the device’s graphical user interface. The flaw, designate…
A Chinese state-sponsored hacker, Xu Zewei, 33, has been arrested for his alleged role in the widespread HAFNIUM cyber attacks and theft of COVID-19 research. Learn about the charges and China’s Ministry of State Security involvement.
Security researchers have uncovered two significant vulnerabilities in Zoom Clients for Windows, exposing users to potential Denial of Service (DoS) attacks. The flaws, identified as classic buffer overflow vulnerabilities, could allow an authorized us…
Fortinet has disclosed a critical security vulnerability in FortiOS that could allow authenticated attackers to execute arbitrary code through a heap-based buffer overflow in the cw_stad daemon, affecting multiple versions of the popular network securi…
Ivanti has released critical security updates for its Connect Secure and Policy Secure products, addressing six medium-severity vulnerabilities that could potentially lead to denial-of-service attacks and unauthorized access. The cybersecurity firm ann…
MediaTek has released a comprehensive security bulletin addressing 16 critical vulnerabilities across its extensive chipset portfolio, including smartphone, tablet, AIoT, smart display, smart platform, OTT, computer vision, audio, and TV chipsets. The …
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding the active exploitation of a critical path traversal vulnerability in Ruby on Rails, designated as CVE-2019-5418. The agency added this five-year-old secur…
Security researchers have released proof-of-concept exploits for CVE-2025-5777, a critical vulnerability in Citrix NetScaler ADC and Gateway devices dubbed “CitrixBleed2.” The flaw allows unauthenticated attackers to extract sensitive …
Researchers released technical information and exploit code targeting a critical vulnerability (CVE-2025-5777) in Citrix NetScaler.
The post Exploits, Technical Details Released for CitrixBleed2 Vulnerability appeared first on SecurityWeek.
Security researchers have discovered a critical vulnerability in DNN (formerly DotNetNuke), one of the oldest open-source content management systems, that allows attackers to steal NTLM credentials through a sophisticated Unicode normalization bypass t…