Vulnerability

Cisco has patched a critical flaw in its IOS XE Software for Wireless LAN Controllers. The vulnerability, due to hardcoded…

The company experienced a cyber attack due to outdated routers that had not received updates for over five years and…

A critical unauthenticated remote code execution vulnerability in Langflow was added to CISA’s Known Exploited Vulnerabilities catalog after proof…

In a comprehensive analysis of nearly five million internet-exposed assets, Google Cloud-hosted services showed 38% of assets with at least…

In its May 2025 Android Security Bulletin, Google addressed 47 distinct flaws in the Android platform, including one zero-day vulnerability…

In late 2024, attackers began exploiting CVE-2024-7399, an easily reachable path traversal flaw in Samsung MagicINFO v9 Server, to deploy…

A critical deserialization vulnerability (CVE-2025-46762) was disclosed in Apache Parquet Java’s parquet-avro module, affecting all versions through 1.15.…

NVIDIA disclosed and patched a high-severity vulnerability (CVE-2025-23254) in its TensorRT-LLM framework that could allow a local attacker to execute…

A critical sandbox escape vulnerability was discovered in multiple Apple operating systems, tracked as CVE-2025-31191. The flaw resides in the…

On April 26, 2025, security experts disclosed a critical flaw in Ruby on Rails’ CSRF protection mechanism that effectively nullifies…

Security researchers discovered a critical TOCTOU vulnerability in Node.js’s CI/CD infrastructure that allowed attackers to execute malicious…

A newly developed offensive security tool, **Indirect-Shellcode-Executor**, exploits a previously overlooked vulnerability in the **Windows API**—specifically within the `ReadProcessMemory`…