More results...
Google has released an urgent security update for its Chrome browser to address a critical zero-day vulnerability actively exploited by threat actors. The flaw, tracked as CVE-2025-13223, affects the V8 JavaScript engine and poses a significant risk to…
Microsoft Azure successfully defended against a record-breaking distributed denial-of-service (DDoS) attack that peaked at 15.72 terabits per second (Tbps), making it the most significant DDoS attack ever observed in the cloud. On October 24, 2025, Azu…
Microsoft Azure successfully defended against a record-breaking distributed denial-of-service (DDoS) attack that peaked at 15.72 terabits per second (Tbps), making it the most significant DDoS attack ever observed in the cloud. On October 24, 2025, Azu…
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Fortinet FortiWeb vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw is being actively exploited in the wild. The vulnerability, tra…
A critical logic flaw discovered in the widely used mPDF PHP library could expose internal networks and sensitive services on approximately 70 million devices worldwide. The vulnerability stems from improper regular expression parsing, which allows att…
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical security alert regarding multiple vulnerabilities affecting General Industrial Controls’ Lynx+ Gateway device. Released on November 13, 2025, under alert code ICSA-…
IBM has released critical security updates addressing four severe vulnerabilities in AIX and VIOS systems that could allow remote attackers to execute arbitrary commands, steal credentials, and traverse system directories. The vulnerabilities affect mu…
Cybersecurity researchers have observed a dramatic escalation in attacks exploiting a critical XWiki vulnerability, with multiple threat actors now leveraging CVE-2025-24893 to deploy botnets, cryptocurrency miners, and custom malware toolkits. The vu…
CISA issues an urgent directive for all organizations to patch Cisco ASA and Firepower devices against CVE-2025-20362 and CVE-2025-20333, exploited in the ArcaneDoor campaign. Verify the correct version now!
Anthropic, the developer behind Claude AI, says a Chinese state sponsored group used its model to automate most of a cyber espionage operation against about 30 companies with Claude handling up to 90% of the technical work.