More results...
Cisco has found a backdoor account in yet another of its software solutions: CVE-2025-20309, stemming from default credentials for the root account, could allow unauthenticated remote attackers to log into a vulnerable Cisco Unified Communications Mana…
Two newly disclosed vulnerabilities in Anthropic’s Filesystem Model Context Protocol (MCP) Server—CVE-2025-53110 and CVE-2025-53109—have exposed AI-powered environments to severe risks, including sandbox escapes, unauthorized file access, and…
ANSSI report details the Chinese UNC5174 linked Houken cyberattack using Ivanti zero-days (CVE-2024-8190, 8963, 9380) against the French government, defence and finance sector.
A newly disclosed vulnerability in Apache Seata, a popular open-source distributed transaction solution, has raised security concerns for organizations relying on affected versions. The flaw, tracked as CVE-2025-32897, enables the deserialization of un…
A newly disclosed critical vulnerability in Wing FTP Server threatens thousands of organizations worldwide, enabling attackers to achieve full server takeover through unauthenticated remote code execution (RCE). The flaw, tracked as CVE-2025-47812…
A newly disclosed, critical vulnerability in Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (SME) has exposed organizations to the risk of full system compromise. Tracked as CVE-2025-20309 and assigned a max…
A newly disclosed vulnerability in ModSecurity, a widely used open-source web application firewall (WAF), exposes servers to denial-of-service (DoS) attacks by exploiting a flaw in the way the software parses empty XML elements. The flaw, registered as…
A newly disclosed vulnerability in the Python-based data-exfiltration utility used by the notorious Cl0p ransomware group has exposed the cybercrime operation itself to potential attack. The flaw, cataloged as GCVE-1-2025-0002, was identified by Italia…
A critical security flaw has been discovered in the widely used YONO SBI: Banking & Lifestyle app, potentially exposing millions of users to man-in-the-middle (MITM) attacks and putting sensitive financial data at risk. The vulnerability, catalogue…
OX Research conducted a ground-breaking study in May and June 2025 that revealed concerning security flaws in the extension verification procedures of some of the most popular Integrated Development Environments (IDEs), such as Visual Studio Code (VSCo…