Vulnerability

Critical Zero-Day in Cloudflare WAF Exposed Origin Servers to Bypass Attacks Security researchers from FearsOff uncovered a zero-day vulnerability in…

Brunswick County Schools (BCS) experienced a phishing attempt targeting email accounts of students and staff. The incident was detected and…

Ivanti Patches Critical Vulnerabilities in Endpoint Manager (EPM) Platform Ivanti has released urgent security updates for its Endpoint Manager (EPM)…

AMD disclosed **CVE-2025-62626 (AMD-SB-7055)**, a high-severity vulnerability in its **Zen 5 processors** affecting the **RDSEED instruction**, critical for cryptographic random…

A critical vulnerability named **ForcedLeak** was discovered in Salesforce’s **Agentforce** AI platform, enabling external attackers to exploit **prompt injection*…

Cybersecurity researchers from Trend Micro uncovered two critical authentication bypass vulnerabilities (CVE-2025-10643 and CVE-2025-10644, CVSS scores 9.1 and 9.…

Western Digital disclosed a critical OS command injection vulnerability (CVE-2025-30247) in multiple My Cloud NAS models, including PR2100, PR4100, EX4100,…

SolarWinds disclosed a **critical remote code execution (RCE) vulnerability (CVE-2025-26399)** in its **Web Help Desk (WHD) 12.8.7 and…

Libraesva’s Email Security Gateway (ESG), a widely used email protection solution for over 200,000 users across SMBs and…

A critical token validation failure (CVE-2025-55241, CVSS 10.0) in Microsoft Entra ID (formerly Azure AD) was discovered by researcher…

WatchGuard disclosed a critical out-of-bounds write vulnerability (CVE-2025-9242, CVSS 9.3/10) in its Firebox firewalls, allowing remote, unauthenticated attackers…

Samsung patched CVE-2025-21043, a critical remote code execution (RCE) vulnerability in libimagecodec.quram.so, a closed-source image parsing library by…