Vulnerability - Rankiteo Blog (Page 65)

NPM (Node Package Manager) ecosystem (affected projects using `expr-eval` library)

public – 3 min read

A critical Remote Code Execution (RCE) vulnerability (CVE pending) was discovered in the widely used JavaScript library `expr-eval` (versions <…

Nov 12, 2025

Jeremy C

IBM

public – 2 min read

The incident involves a 403 Forbidden error on an IBM web page, indicating unauthorized access or a misconfigured security restriction.…

Nov 12, 2025

Jeremy C

Elastic

public – 3 min read

Elastic disclosed a critical vulnerability (CVE-2025-37735) in Elastic Defend for Windows, stemming from improper file permission preservation in its SYSTEM-privileged…

Nov 12, 2025

Jeremy C

Samsung

public – 4 min read

Security researchers at Palo Alto Networks uncovered LANDFALL, a sophisticated Android spyware campaign exploiting a zero-day vulnerability (CVE-2025-21042, CVSS 8.…

Nov 12, 2025

Jeremy C

Microsoft

public – 6 min read

Microsoft’s November 2025 Patch Tuesday addressed CVE-2025-62215, an actively exploited Windows Kernel race condition vulnerability enabling local privilege escalation…

Nov 12, 2025

Jeremy C

Microsoft Mechanics: Microsoft Silently Patches Long-Exploited Windows Vulnerability

public – 2 min read

Microsoft has addressed a critical security flaw that has been exploited by threat actors since 2017 through its recent Patch…

Nov 12, 2025

Jeremy C

Samsung (Hypothetical Breach Scenario - Knox Vulnerability Exploit)

public – 3 min read

A zero-day exploit in Samsung Knox’s DEFEX module was discovered, allowing attackers to bypass Message Guard’s zero-click attack…

Nov 5, 2025

Jeremy C

StylemixThemes: Motors WordPress Vulnerability Exposes Sites to Takeover

public – 2 min read

Critical Vulnerability in Motors WordPress Theme Exposes Sites to Full Takeover A severe security flaw in the Motors WordPress theme…

Nov 3, 2025

Jeremy C

Citrix and VMware: Attackers Turn QEMU Into a Stealth Backdoor for Credential Theft and Ransomware

public – 2 min read

Threat Actors Weaponize QEMU as Covert Backdoor for Ransomware and Credential Theft Cybercriminals are increasingly abusing QEMU, a legitimate open-source…

Nov 1, 2025

Jeremy C