Vulnerability

Researchers in Austria exploited a long-standing vulnerability in **WhatsApp** to harvest personal data from over **3.5 billion users**, marking…

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about CVE-2025-58034, a critical OS command injection vulnerability…

The critical CVE-2025-64446 vulnerability in Fortinet FortiWeb WAF allows unauthenticated attackers to gain administrative access via a relative path-traversal flaw…

A critical **OS command injection vulnerability (CVE-2025-58034, CVSS 6.7)** was discovered in **Fortinet’s FortiWeb security platform**, with confirmed…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent warning about **CVE-2025-64446**, a critical **relative path traversal…

A vulnerability in DoorDash’s systems allowed threat actors to exploit an unpatched flaw in the DoorDash for Business platform,…

ASUS disclosed a critical authentication bypass vulnerability (CVE-2025-59367) in multiple DSL-series routers (DSL-AC51, DSL-N16, DSL-AC750), allowing unauthenticated remote attackers to…

A critical path traversal vulnerability (CVE pending) in Fortinet’s FortiWeb web application firewall (WAF) is being actively exploited globally,…

Samsung addressed a critical path traversal vulnerability (CVE-2025-4632) in its MagicINFO 9 Server, exploited to propagate the Mirai botnet. The…

Fortinet silently patched a **zero-day vulnerability** in its **FortiWeb Web Application Firewall (WAF)**, versions 7.0.7 and 7.2.…

A critical denial-of-service (DoS) vulnerability (CVE-TBD) in Palo Alto Networks’ PAN-OS allows unauthenticated attackers to remotely reboot firewalls by sending…

Fortinet faced criticism for silently patching **two zero-day vulnerabilities** in its **FortiWeb web application firewall (WAF)** without adequately informing customers.…