CoreDNS
public
–
1 min read
A high-severity security vulnerability, CVE-2025-47950, has been discovered in CoreDNS, allowing remote attackers to exhaust server memory through DNS-over-QUIC (DoQ)…
Insyde Software: Bootkit malware injection possible with novel Secure Boot vulnerability
public
–
2 min read
Critical UEFI Flaw (CVE-2025-3052) Exposes Systems to Bootkit Attacks
A newly disclosed memory corruption vulnerability in UEFI firmware, tracked as…
Aim Security: Microsoft 365 Copilot ‘zero-click’ vulnerability enabled data exfiltration
public
–
2 min read
Microsoft Patches Critical Zero-Click Flaw in Microsoft 365 Copilot
Microsoft has addressed a severe "zero-click" vulnerability in its…
ManageEngine
public
–
1 min read
A severe security vulnerability identified as CVE-2025-3835 has been found in ManageEngine Exchange Reporter Plus. This vulnerability allows attackers to…
Microsoft and Adobe: Microsoft and Adobe Patch Tuesday, June 2025 Security Update Review
public
–
4 min read
Microsoft and Adobe Address Critical Vulnerabilities in June 2025 Patch Tuesday
Microsoft’s June 2025 Patch Tuesday released fixes for…
Cisco warns of ISE cloud credential vulnerability
public
–
2 min read
**Cisco Patches High-Severity Cloud Vulnerability in Identity Services Engine**
Cisco has released an urgent advisory addressing a high-severity vulnerability (CVE-2025-20286)…
Roundcube
public
–
1 min read
Over 84,000 Roundcube webmail installations are vulnerable to CVE-2025-49113, a critical remote code execution (RCE) flaw with a public…
Jenkins
public
–
1 min read
A critical cross-site scripting (XSS) vulnerability in the popular Jenkins Gatling Plugin allows attackers to bypass Content-Security-Policy (CSP) protections. The…
Fortinet
public
–
1 min read
A critical zero-day vulnerability affecting multiple Fortinet products has been actively exploited. The vulnerability, tracked as CVE-2025-32756, enables unauthenticated remote…
TBK Vision
public
–
1 min read
A new variant of the Mirai malware botnet is exploiting a command injection vulnerability (CVE-2024-3721) in TBK DVR-4104 and DVR-4216…
HPE
public
–
1 min read
Multiple severe security vulnerabilities in HPE Insight Remote Support (IRS) platform that could allow attackers to execute remote code, traverse…
Wireshark Foundation
public
–
1 min read
A critical vulnerability (CVE-2025-5601) in Wireshark allows attackers to trigger denial-of-service (DoS) attacks through packet injection or malformed capture files.…