More results...
Security researchers have uncovered severe vulnerabilities in Django that could allow attackers to execute arbitrary code on affected systems. These flaws, ranging from directory traversal to log injection, highlight critical security risks in one of P…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert following the addition of a critical Citrix NetScaler vulnerability—CVE-2025-6543—to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of activ…
Google has issued an urgent security update for its Chrome browser, addressing a critical zero-day vulnerability that is being actively exploited by attackers. The flaw, tracked as CVE-2025-6554, is a type confusion vulnerability in Chro…
A sophisticated cyberattack campaign has emerged, exploiting a critical vulnerability in Langflow, a widely-used Python-based framework for building AI applications, to deploy the destructive Flodrix botnet. Identified as CVE-2025-3248 and carrying a n…
Two deadly Ransomware Attacks on European hospitals show cybercrime now risks lives not just data with patients dying after treatment delays.
While Citrix has observed some instances where CVE-2025-6543 has been exploited on vulnerable NetScaler networking appliances, the company still says that they don’t have evidence of exploitation for CVE-2025-5349 or CVE-2025-5777, both of which …
Vulnerabilities in Airoha Bluetooth SoCs expose headphone and earbud products from multiple vendors to takeover attacks.
The post Airoha Chip Vulnerabilities Expose Headphones to Takeover appeared first on SecurityWeek.
A series of critical security vulnerabilities have been identified in D-Link DIR-816 routers, exposing users worldwide to the risk of remote code execution and network compromise. The flaws affect all hardware revisions and firmware versions of t…
Unidentified hackers breached a Norwegian dam’s control system in April, opening its valve for hours due to a weak password. Learn how simple vulnerabilities threaten critical infrastructure.
A critical security vulnerability, tracked as CVE-2025-36038, has been discovered in IBM WebSphere Application Server, exposing organizations to the risk of remote code execution by unauthenticated attackers. This flaw, which affects widely deployed ve…