Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about active exploitation of CVE-2025-5086, a critical remote…

Samsung patched a critical zero-day vulnerability (CVE-2025-21043) in its Android devices (Android 13+), exploited in real-world attacks. The flaw, an…

A critical security vulnerability was discovered in Cursor, an AI-powered fork of Visual Studio Code, where a disabled-by-default Workspace Trust…

Adobe is facing active exploitation attempts targeting CVE-2025-54236 (SessionReaper), a critical Improper Input Validation vulnerability in Adobe Commerce and Magento…

The research exposed critical privacy vulnerabilities in Quantum Machine Learning (QML) models, demonstrating that attackers could infer membership of training…

A zero-day vulnerability (CVE-2025-55177) was discovered in WhatsApp’s linked-device synchronization feature, allowing unauthorized users to force a target device…

A zero-day vulnerability (CVE-2025-53690) in Sitecore’s Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) was exploited by…

Cybercriminals are leveraging HexStrike-AI, a legitimate red teaming tool, to automate exploits against Citrix NetScaler ADC and Gateway using recently…

New Windows CLFS Driver Vulnerability Enables Low-Privilege DoS Attacks A proof-of-concept (PoC) exploit has been released for CVE-2026-2636, a newly…

Malicious VS Code Extensions Exfiltrate Developer Data to China-Based Servers Cybersecurity researchers have uncovered two malicious Visual Studio Code (VS…

AWS CodeBuild Misconfiguration Could Have Enabled Supply Chain Attacks In September 2025, Amazon Web Services (AWS) patched a critical misconfiguration…

WhatsApp disclosed a zero-click exploit chain targeting specific users by combining a WhatsApp vulnerability (CVE-2025-55177) with an Apple Image I/…